technical-program-manager-security-cvd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). Outsider free text can enter the agent’s LLM context via the “Intake and triage” workflow, where the skill receives vulnerability reports from external parties through email/web portal/bounty platforms and then uses that report content (reporter steps/impact) to dedupe, reproduce, and draft researcher communications.