ziw-implement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). Outsider free text is ingested via the “linked tracker issue body, comments, labels, dependencies, and attachments” and “PR comments, failed checks, issue context” that the skill reads at runtime to scope/evidence the work; these are authored by external parties on the tracker.