melt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). Outsider free text can enter the LLM context via conflict-summary.py, which reads conflicted file contents from the working tree (Path(path).read_text()) and prints the hunks/context; those file contents originate from other authors’ commits (i.e., “theirs”/outsider-authored code) and are then surfaced to the agent/LLM.