debrief

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required Execution Flow (step 2: "Gather evidence from the codebase") explicitly runs commands like gh pr view, gh run list/gh run view, and inspects commits/PRs/CI runs — which pulls user-generated content from GitHub and related monitoring/links and that content is read and used to determine root cause and actions, so untrusted third-party content can influence behavior.