ol-sdd-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This orchestrator explicitly reads and acts on user-generated third-party content — e.g., Confluence pages and JIRA issues/sprints via the mcp__claude_ai_Atlassian__* integrations as documented in the SKILL.md probes and the "Confluence and JIRA Integration"/"Workflow State Detection" sections — so arbitrary external content can be interpreted and drive phase decisions and tool routing.