ln-403-task-rework

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly loads task data and reviewer comments via the configured tracker provider (getTask, listComments, getStory) and the provider bindings include GitHub Issues/Projects and Linear APIs (references/provider_github.md and references/provider_linear.md), meaning untrusted user-generated issue/comments from third-party trackers are read and used to plan and implement code edits, so those external contents can materially influence agent actions.