openchoreo-platform-engineer
Warn
Audited by Snyk on May 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's CI/workflow guidance explicitly runs Argo steps that checkout arbitrary Git repositories and inline workload.yaml from those repos (see references/recipes/author-a-ci-workflow.md and references/concepts.md describing the checkout-source and generate-workload steps), and the agent is expected to read/inspect the resulting Workload/CRs via MCP—meaning untrusted, user-provided repo content can influence subsequent tool actions and decisions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata