analyze-ci-failures

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and reads build step logs and artifact ZIPs from the public Azure DevOps vcpkg project via the Azure DevOps REST API (see SKILL.md Phase 1 steps 2–4 and references/azure-devops-api.md), and it is required to parse and act on verbatim REGRESSION/FAIL lines from PR and build logs (user-contributed PRs/build output), which are untrusted third‑party content that can influence report generation and subsequent actions.