issue-discover

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public, user-generated content (e.g., Phase 1: "gh issue view ..." in phases/01-issue-new.md to read GitHub issue bodies) and performs external research (Exa/Gemini/ACE searches and Exa agents in phases/02-discover.md and phases/03-discover-by-prompt.md) that the agents read and use to drive planning and actions, so untrusted third‑party content can materially influence tool use and decisions.