dev-advocate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs the agent to read public GitHub issues, search Stack Overflow, and review social media/Discord threads (Step 1: "Read every GitHub issue... Search Stack Overflow... Review social media mentions and Discord/Slack"), which are untrusted, user-generated third‑party sources that the agent must ingest and that can materially influence prioritization and actions.