pr-babysit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). Outsider-authored free text is ingested via the runtime fetch of PR/MR review comments/discussion threads in step 1 (“Fetch … all review comments, all general comments, all review threads / discussions”), and those bodies are then processed for dedup/triage and used to generate replies.