pipeline-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly Glob/Read-ing repository CI/CD configuration files (e.g., .github/workflows/*.yml, Jenkinsfile, cloudbuild.yaml) ingests user-provided/untrusted pipeline content and uses it to determine SLSA levels and drive remediation decisions, so third-party file contents could indirectly inject instructions that influence the agent's outputs.