generate-standup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's context script (scripts/get-standup-context.sh) uses the gh CLI to fetch PRs, issues, and discussions from public GitHub repositories (e.g., mitodl, openedx, and mitodl/hq) and the SKILL.md explicitly requires ingesting and classifying that live user-generated GitHub content to build and post standups, which exposes the agent to untrusted third-party content that can influence its actions.