ln-315-review-merge-worker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly launches external advisor agents via references/agents/agent_runner.mjs and instructs them to "read Linear directly" and "Search the web" (see references/agent_delegation_pattern.md, references/agent_review_workflow.md, and references/agents/prompt_templates/review_base.md), and those agent-produced reports are read and used in Critical Verification and Iterative Refinement to accept/apply suggestions—so untrusted third-party content can be ingested and materially influence decisions.