unsigned-desktop-release-playbook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The playbook explicitly instructs downloading release assets from GitHub (Packaging Validation Workflow step 1), i.e., public user-provided binaries that the agent is expected to inspect/validate and that could materially influence verification and follow-up actions, so it exposes the agent to untrusted third‑party content.