multi-ai-code-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill pulls and analyzes user/PR-provided code from repositories (e.g., "git diff origin/main...HEAD > pr_diff.txt" and the GitHub Actions checkout step) and feeds those untrusted, user-generated diffs/code into LLMs for review, which clearly exposes the agent to third-party content that could contain indirect prompt-injection payloads.