drive-code-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-provided external/off-branch specs and linked tickets and PR bodies (see §2.2 "External / off-branch spec (if provided by the user or linked in the PR body)" and "If a Linear ticket link exists and you can fetch it..."), so untrusted third-party content can be fetched and used to shape review specs, acceptance-criteria verification, and subsequent actions.