monitor-tool

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The Monitor tool's examples show it reading and reacting to external, user-generated runtime outputs such as CI/PR failure logs ("Watch CI on my current branch and fix any failures" / "reads the failure output"), which are untrusted third-party content the agent ingests and uses to decide and perform actions.