fusion-issue-authoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and reads user-generated GitHub content (e.g., mcp_github::search_issues, GraphQL fallback queries in assets/graphql/, and repository files like CONTRIBUTING.md or .github/ISSUE_TEMPLATE/) and uses those results to classify, deduplicate, choose templates/labels/assignees and drive mutation decisions, so untrusted third-party content can materially influence agent behavior.