ask-author

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The skill’s runtime workflow (“materialize” / “prepare”) can fetch and summarize an outsider-authored tracked Issue from the repo’s issue tracker, and that issue body text is ingested into the agent’s LLM context via the “prepare → grill” path.