inbox-exploration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to retrieve and inspect raw signal text via the signals skill (HogQL on document_embeddings) and to surface reports from integrations like GitHub, Linear, and Zendesk, so the agent will read untrusted, user-generated third‑party content that can influence triage and next actions.