Gitee Workflow Automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly calls Gitee MCP endpoints (e.g., mcp_gitee_list_repo_pulls, mcp_gitee_get_pull_detail, mcp_gitee_get_diff_files, mcp_gitee_get_file_content and mcp_gitee_list_repo_issues) to fetch and analyze user-generated repository/issue/PR content from the third‑party Gitee service, which the agent is expected to read and act on (summarize, assign, merge), allowing untrusted content to influence decisions.