synthesis-code-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and review external contributor branches and diffs (e.g., "Step 1: Assess — Fetch the branch and review the diff" and commands like "git fetch origin" / "git checkout contributor/branch"), meaning it ingests untrusted, user-generated repository content that the agent must read and use to decide merges, cherry-picks, and deployments — a clear vector for indirect prompt injection.