feature-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow explicitly instructs the agent to read GitHub issues (e.g., "read all GitHub issues in that bounded set" and the Search Defaults showing gh issue view / gh issue list), which are user-generated, public third-party content that the agent is expected to interpret and that can materially influence its findings.