youtrack

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Discovery Protocol explicitly requires the agent to "Query the project" and "Check existing issues" (search for duplicates) so the agent will fetch and interpret user-generated YouTrack project configuration, issue summaries/descriptions and comments from third-party YouTrack instances, which can directly influence field-setting, state transitions, linking and other actions.