spike

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) calls out GH mode using gh issue view <number> to read the Spec and explicitly parses the user-generated "Requires" field from GitHub issues to drive research, spikes, decisions, and edits, so untrusted third‑party issue content can influence agent actions.