diff --git a/.github/instructions/developer.instructions.md b/.github/instructions/developer.instructions.md
index abf16a26eee..845b57f7444 100644
--- a/.github/instructions/developer.instructions.md
+++ b/.github/instructions/developer.instructions.md
@@ -402,6 +402,34 @@ jobs:
**Why secure:** Expression is evaluated in controlled context (environment variable assignment). Shell receives value as data, not executable code.
+#### Data Flow Comparison
+
+```mermaid
+graph TB
+ subgraph "Unsafe Pattern"
+ A1[Untrusted Input] --> B1["Template Expression
${{ ... }}"]
+ B1 --> C1[Direct Interpolation
into Shell Command]
+ C1 --> D1[Code Execution Risk]
+ style D1 fill:#f88,stroke:#f00
+ end
+
+ subgraph "Safe Pattern"
+ A2[Untrusted Input] --> B2["Template Expression
${{ ... }}"]
+ B2 --> C2[Environment Variable
Assignment]
+ C2 --> D2[Shell Receives
Data Only]
+ D2 --> E2[No Code Execution]
+ style E2 fill:#8f8,stroke:#0f0
+ end
+```
+
+#### Recent Fixes (November 2025)
+
+Template injection vulnerabilities were identified and fixed in:
+- `copilot-session-insights.md` - Step output passed through environment variable
+- Pattern: Move template expressions from bash scripts to environment variable assignments
+
+See `specs/template-injection-prevention.md` for detailed analysis and fix documentation.
+
#### Secure Pattern: Sanitized Context (gh-aw specific)
```yaml
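Review bot: The mermaid block in this hunk will not render as written: node labels such as `C1[Direct Interpolation` / `into Shell Command]` and `C2[Environment Variable` / `Assignment]` contain a raw line break inside unquoted brackets, which mermaid treats as a syntax error, and even inside the quoted labels (`B1["Template Expression` / `${{ ... }}"]`) a literal newline is not a supported line break. Use `<br/>` within a single-line label instead, e.g. `C1[Direct Interpolation<br/>into Shell Command]`, and check the rendered preview before merging. Under "Recent Fixes (November 2025)" the bulleted list mixes a location (`copilot-session-insights.md`) with a pattern description ("Pattern: Move template expressions ..."), so "fixed in:" does not read correctly for the second item; move the pattern sentence out of the list. This section also duplicates the diagram added to `specs/template-injection-prevention.md` in the same change, which the text already links to; keeping one copy in the spec avoids the two drifting apart.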
diff --git a/specs/template-injection-prevention.md b/specs/template-injection-prevention.md
index fe8b1cc38a3..3f2c8faf03b 100644
--- a/specs/template-injection-prevention.md
+++ b/specs/template-injection-prevention.md
@@ -38,6 +38,26 @@ steps:
By passing the value through an environment variable, the content is treated as data, not executable code.
+### Data Flow Comparison
+
+```mermaid
+graph TB
+ subgraph "Unsafe Pattern"
+ A1[Untrusted Input] --> B1["Template Expression
${{ ... }}"]
+ B1 --> C1[Direct Interpolation
into Shell Command]
+ C1 --> D1[Code Execution Risk]
+ style D1 fill:#f88,stroke:#f00
+ end
+
+ subgraph "Safe Pattern"
+ A2[Untrusted Input] --> B2["Template Expression
${{ ... }}"]
+ B2 --> C2[Environment Variable
Assignment]
+ C2 --> D2[Shell Receives
Data Only]
+ D2 --> E2[No Code Execution]
+ style E2 fill:#8f8,stroke:#0f0
+ end
+```
+
## Changes Made
### copilot-session-insights.md
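Review bot: This diagram is an exact copy of the one added to `.github/instructions/developer.instructions.md` in this same change and has the same mermaid problem: multi-line node labels (`C1[Direct Interpolation` / `into Shell Command]`, `D2[Shell Receives` / `Data Only]`) are not valid syntax; put each label on one line with `<br/>` for the break. Since the instructions file already points readers to this spec, keep the diagram here only. The "Safe Pattern" branch is also slightly stronger than the surrounding text supports: "Shell Receives Data Only" holds only when the step script references the variable as a shell variable (`"$VAR"`) rather than re-inserting `${{ env.VAR }}` into the `run:` block, so consider qualifying the `D2` node or the sentence above the diagram ("the content is treated as data, not executable code") with that condition.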