oma-observability

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly requires live verification of CNCF/vendor status by fetching the public CNCF landscape (see "When CNCF/vendor status is load-bearing, verify live state at https://landscape.cncf.io" and the RESOURCE scope NETWORK: Vendor/CNCF status and telemetry backends when checked), so it ingests third‑party web content that can change routing/delegation decisions.