vista

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's INGEST/PARSE workflow explicitly pulls and parses user-generated CI artifacts from third‑party platforms (e.g., "CI fetch — when only run IDs are given, pull artifacts via gh run download (GitHub) or platform API" in references/test-artifact-formats.md and the INGEST steps that discover junit.xml / allure-results / playwright-report / CTRF), and those parsed, untrusted test reports directly influence classifications, findings, and handoffs (anti-pattern detection, flake/quarantine decisions, AI-origin lens), so third‑party content could materially drive agent behavior.