migrate-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The required workflow calls an MCP tool (harness_get) to fetch an existing Harness pipeline (outsider-authored content relative to the skill’s static SKILL.md), and that fetched pipeline body is then converted and “shown”/used in the agent’s LLM context, creating an indirect prompt-injection path via arbitrary pipeline text.