coral-review-source-spec

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly directs the agent to read guidance from the public Coral GitHub repository ("Read guidance in the Coral repo ..."), which is an open, user-generated third-party source that the agent is expected to interpret as part of its review and could materially influence its decisions.