finops-waste

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly calls the GitHub API in scripts/waste-analysis.sh (gh api "/repos/$REPO/actions/runs?per_page=100") to ingest Actions run metadata (workflow names, actor logins, run data) from a repository—user-generated/untrusted content that the agent reads and uses to drive analysis and suggested edits.