context-mode-ops
Warn
Audited by Snyk on May 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflows (e.g., validation.md, review-pr.md, triage-issue.md, marketing.md) explicitly instruct agents to fetch and verify information from public third-party sources — using WebSearch, ctx_fetch_and_index/Context7, and GitHub API/gh commands to read external docs, web pages, issues, and release data — and those external, user-generated or public documents are used to make verification, triage, and merge/release decisions, which could allow indirect prompt injection.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).