os-integrations

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill fetches and parses live content from external services (discover_tasks.py pulls the task graph JSON from the Taskcluster index API at https://firefox-ci-tc.services.mozilla.com and fetch_worker_pools.py uses the GitHub CLI to read worker-pools.yml from mozilla-releng/fxci-config), and run_try.py uses those fetched labels/queries to construct and execute mach try commands—so untrusted third-party artifacts are read at runtime and directly influence tooling and actions.