monitor-rollout

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly runs plan-specified polls and indicator queries against external services (e.g., scripts/poll_http.sh, poll_github_actions.sh, poll_buildkite.sh and telemetry queries to Datadog as described in SKILL.md and the references), so it ingests untrusted third-party HTTP/CI/telemetry content which the agent reads and uses to make monitoring decisions and trigger plan-mode handoffs.