ln-400-story-executor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly loads task and story metadata from external tracker providers (Phase 1 Discovery: "listTasksByStory(storyId)" with transports per references/provider_github.md and references/provider_linear.md) and then builds prompts and makes decisions (Scenario Validation uses Story ACs/traceability and launches an agent via references/agents/agent_runner.mjs), so untrusted, user-generated content from GitHub/Linear can be ingested and materially influence agent prompts and subsequent actions.