test-documentation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required Phase 1 inputs explicitly instruct the agent to read User Story/Epic "Description, ACs, comments, linked issues" from the issue tracker (SKILL.md §Phase 1 — "Inputs you must gather"), which is user-generated/untrusted content the agent is expected to interpret and use to make decisions and create/update TMS artifacts, so those external text fields could carry indirect prompt-injection instructions.