community-executive-escalations-program-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflows explicitly require monitoring and triaging public community content (e.g., "social, forum, GitHub, Discord, public posts" in references/community_escalation_playbook.md and intake fields including "forum thread URL" in references/intake_triage_matrix.md), which means the agent would ingest and act on untrusted, user-generated third‑party content to drive severity, routing, and response decisions.