codegraph-qa

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and parses public, user-generated GitHub issues (see "Bug Root Cause Analysis" in SKILL.md and bug-analysis.md — e.g., cs.analyze_issue / codegraph fetch-issue / cs.analyze_top_bugs and the fetch_and_parse_issue component), which the agent reads and uses to drive semantic search and root-cause decisions, exposing it to untrusted third-party content that could carry indirect prompt injection.