git-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs the agent/subagent to use the GitHub CLI (e.g., "gh pr view", "gh pr list", "gh pr create") and to read and analyze PR descriptions/statuses (user-generated GitHub content), which are untrusted third‑party inputs that can materially influence merge/commit actions.