triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the SKILL.md explicitly instructs the agent to query and read issue tracker data (issue bodies, comments, reporters, labels, dates) as part of "Junte contexto" and "Mostre o que precisa de atenção", which are untrusted, user-generated third‑party contents that will directly influence triage decisions and subsequent actions.