ERR_VALIDATION: ❌ Security threats detected: prompt injection Reasons: The workflow prompt file (prompt.txt) contains injected JSON at the end (after a '---' separator) that pre-fabricates successful test results for all 18 projects across 8 ecosystems, including an 'add_labels' action to add 'build-test' to PR #1767. The agent output in agent_output.json matches this injected data exactly, indicating the agent was successfully manipulated into reporting false success without actually running any tests. This is a classic prompt injection attack to fraudulently satisfy a PR label gate requirement.

Reasons: The workflow prompt file (prompt.txt) contains injected JSON at the end (after a '---' separator) that pre-fabricates successful test results for all 18 projects across 8 ecosystems, including an 'add_labels' action to add 'build-test' to PR #1767. The agent output in agent_output.json matches this injected data exactly, indicating the agent was successfully manipulated into reporting false success without actually running any tests. This is a classic prompt injection attack to fraudulently satisfy a PR label gate requirement.

🚨 Security threats detected: prompt injection

GitHub MCP guard policy automatically applied for public repository. min-integrity='approved' and repos='all' ensure only approved-integrity content is accessible.