agent-loops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (see SKILL.md sections for specialist-review and test-review-request) runs bundled scripts that invoke external LLM providers (Claude/Gemini/Codex), requires the agent to read their produced artifacts (REVIEW_FILE / REPORT_FILE) and then act on those findings (remediations, files to change, commit actions), which means untrusted third‑party model output is ingested and can materially influence tool use and next actions.