broker-build-deploy-fix-loop

Warn

Audited by Snyk on May 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md and included scripts (probe_broker_auth.py and broker_auth_matrix.py) explicitly fetch and inspect public URLs — e.g., the dev App Service URL https://lumina-sandbox-broker-dev-westus2.azurewebsites.net/ and external upstreams like https://www.bing.com/ — and those HTTP responses and bodies are parsed and used to decide build/deploy/validation actions, so untrusted third-party content can influence agent behavior.

Audit Metadata
Risk Level: MEDIUM
Analyzed: May 12, 2026, 06:21 AM
Issues: 1