arinhub-submit-pr-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches PR metadata and user-generated review comments/files from GitHub using gh pr view and gh api (Steps 2–3) and then uses that content to deduplicate, decide whether to submit reviews, and even post PR Coverage content verbatim (Step 10), so untrusted third-party content on GitHub can directly influence the agent's actions.