krt-ci-questor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 2
• Gather Evidence) explicitly instructs the agent to fetch/read job logs, annotations, artifacts, test reports and to use provider CLIs (e.g., gh, glab, circleci, Jenkins API), which pulls untrusted, user-generated content from public CI providers and the web and that content is used to drive diagnosis and actions.