ado-gateway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests user-generated Azure DevOps content (PR threads and work item payloads) from dev.azure.com via scripts/scripts/fetch-pr-comments.sh and scripts/fetch-work-item.sh and then normalizes those comments/descriptions into a handoff consumed by downstream skills, so untrusted third-party content can materially influence subsequent behavior.