incident-postmortem-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests timeline data from third-party, user-generated sources — SKILL.md lists "Slack export, PagerDuty incident, or a CSV (timestamp,event,actor)" and build.py's load_timeline opens and parses the provided timeline CSV, so the agent will read and act on untrusted timeline content that can influence metrics, root cause, and action items.