ERR_VALIDATION: ❌ Security threats detected: prompt injection Reasons: The workflow prompt file contains injected JSON at the end (after the legitimate workflow instructions) that pre-fabricates safe-output tool calls claiming all 18 projects across 8 ecosystems passed with '8/8 ecosystems passed — PASS'. This JSON bypasses actual test execution by directly providing fabricated success results to the agent, causing it to add the 'build-test' label to PR #1714 and post a false all-passing summary without running any real builds or tests. This is a classic prompt injection attack where malicious content appended to a legitimate workflow prompt manipulates the agent into reporting false outcomes.

Reasons: The workflow prompt file contains injected JSON at the end (after the legitimate workflow instructions) that pre-fabricates safe-output tool calls claiming all 18 projects across 8 ecosystems passed with '8/8 ecosystems passed — PASS'. This JSON bypasses actual test execution by directly providing fabricated success results to the agent, causing it to add the 'build-test' label to PR #1714 and post a false all-passing summary without running any real builds or tests. This is a classic prompt injection attack where malicious content appended to a legitimate workflow prompt manipulates the agent into reporting false outcomes.

🚨 Security threats detected: prompt injection

GitHub MCP guard policy automatically applied for public repository. min-integrity='approved' and repos='all' ensure only approved-integrity content is accessible.