dead-code-detector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs spawned subagents to search and interpret content from issue trackers, design documents, README/docs and VCS/commit/PR context (see "Multi-Perspective Validation" / "Agent Prompts" in SKILL.md), which are untrusted, user-generated third‑party sources that the agent will read and use to decide actions.