triage-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to call Gitee MCP tools (list_repo_issues and get_repo_issue_detail) to fetch and analyze open repository Issues (public, user-generated content) and then use that content to drive labeling, prioritization, and comments, so untrusted third‑party issue text can influence tool actions.