github-activity-report

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches user-generated GitHub content via the gh CLI (see SKILL.md Step 2 and scripts/fetch_pr_details.sh which calls gh api for search/issues and repos/.../pulls and stores PR bodies/files), and those PR titles/bodies/files are parsed and analyzed (SKILL.md Step 3) to drive selection and generation of the portfolio, so untrusted third‑party content can materially influence the agent's decisions.