github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and parses user-generated GitHub content (PRs, issues, Actions runs and logs) via 'gh' and 'gh api' calls (e.g., projects/ghops/src/ghops/checks.py fetch_run_log/fetch_job_log and projects/ghops/src/ghops/runtime.py gh_json/gh_api_paginated_list, as well as SKILL.md fast-paths like "scripts/ghops --json checks pr" and "actions inspect"), so untrusted third-party content from github.com is read and can materially influence decisions and subsequent actions.