ERR_VALIDATION: ❌ Security threats detected: prompt injection Reasons: The workflow prompt file (prompt.txt) contains injected JSON at its end that pre-fabricates a complete 'success' result: all 18 projects across 8 ecosystems shown as passing, with add_labels and add_comment safeoutputs calls. The agent_output.json matches this injected JSON exactly, indicating the agent consumed the injected output rather than actually running any build/test tasks. This is a prompt injection attack designed to fraudulently add the 'build-test' label to PR #1711 and post a fake success comment without performing any real testing.

Reasons: The workflow prompt file (prompt.txt) contains injected JSON at its end that pre-fabricates a complete 'success' result: all 18 projects across 8 ecosystems shown as passing, with add_labels and add_comment safeoutputs calls. The agent_output.json matches this injected JSON exactly, indicating the agent consumed the injected output rather than actually running any build/test tasks. This is a prompt injection attack designed to fraudulently add the 'build-test' label to PR #1711 and post a fake success comment without performing any real testing.

🚨 Security threats detected: prompt injection

GitHub MCP guard policy automatically applied for public repository. min-integrity='approved' and repos='all' ensure only approved-integrity content is accessible.