update-pr-body

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly reads and re-uses GitHub pull request bodies via commands like "gh pr view" in the SKILL.md (step 2 and examples), which are user-generated, publicly hosted content that the agent is expected to interpret and can influence subsequent edits, creating a clear avenue for indirect prompt injection.