git-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's PR Workflow and Issue Management sections instruct use of the gh CLI (e.g., "gh pr view", "gh pr list", "gh pr checkout", "gh issue create"), which clearly fetches and reads user-generated content from public GitHub PRs/issues that the agent would interpret to make decisions about reviews/merges.