standup-notes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 5 ("Check GitHub sources") reads the Sources list from standup.config.md and uses the gh/MCP tools to query public GitHub repositories (commits, PRs, reviews, issues)—untrusted user-generated content—which the agent reads and uses to decide what to include in the standup notes, directly influencing its actions.