decision-memory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The required workflow ingests “the relevant diff, plan, issue, chat context, design doc, or code” (step 3), which commonly includes outsider-authored free text such as issue/discussion content or chat messages from other parties, and then uses it to decide whether to write/update an ADR.