ln-401-task-executor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required Step 2 "Load Context" explicitly mandates fetching the full task description via the configured tracker provider (getTask) (see SKILL.md Step 2 and references/tracker_provider_contract.md), which can be bound to public/third‑party trackers like GitHub Issues or Linear and contains user-generated task/AC content that the agent must read and act on (driving implementation plans, edits, and status changes), creating a clear vector for indirect prompt injection.