rig

Warn

Audited by Snyk on Mar 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly reads and parses user-generated repository files (e.g., package.json scripts and pipeline YAMLs discovered during Phase 2 as described in references/phase-prompts.md) and then uses those findings to customize and execute actions (e.g., building lefthook.yml, CI workflows, and registering Azure pipelines in references/configuration-steps.md), so arbitrary repo content can materially influence tool use and next actions.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 18, 2026, 12:59 PM
Issues: 1