roundfix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). Outsider free text can enter the LLM context via the “assigned Review Issue files” during an assigned Batch run, since those files contain CodeRabbit reviewer text authored by an outsider and are explicitly treated as untrusted input by the workflow.