sprint

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required Step 2 ("Fetch Requirements (Parallel)") instructs issue-worker subagents to "Read GitHub issue #67" (and other issue pages) and extract goals/acceptance criteria, which requires ingesting untrusted, user-generated content from public GitHub issues that can directly influence tooling, decisions, and subsequent agent actions.