geekbot-run

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "External Context Enrichment" and the Reporter Workflows (SKILL.md and reporter-workflows.md) explicitly instruct the agent to pull and ingest activity from connected MCP servers (e.g., GitHub, Jira, Calendar, Slack) to pre-populate drafts and analytics, which are untrusted/user-generated third‑party sources that the agent will read and act on.