changelog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflow explicitly instructs the agent to read and interpret public GitHub PRs and comments via gh pr view --comments, consult the public JetBrains plugin versions page (https://plugins.jetbrains.com/...), and perform web searches for official sources—all of which are untrusted, user-generated third-party content that directly influence changelog decisions and actions.