gadd-verify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly requires reading external tracker data (e.g., implementation PR state from GitHub and External Issue drift metadata) as part of its Workflow and the "Implementation PR State Rule" (workflow step 6 and related rules), which are untrusted, user-generated third‑party sources and therefore could carry indirect prompt-injection content that materially influences verification decisions.