autonomous-dispatcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The dispatcher and wrapper scripts (e.g., autonomous-dev.sh PROMPT building which inserts ISSUE_BODY, and autonomous-review.sh which loads issue/PR comments and PR inline review comments into the review PROMPT) explicitly fetch GitHub issue and PR content (untrusted, user-generated) and feed it into agent prompts that drive decisions and tool actions, so third‑party issue/comment text can materially influence agent behavior.