skill-system-router

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's report-improvement-issue workflow (scripts/report-improvement-issue.md) uses the gh CLI to list and view open GitHub issues for a target repo (via gh issue list / gh issue view after inferring the repo from git remote), ingesting user-generated GitHub issue content and using it to decide whether to link or create an issue, which exposes the agent to untrusted third-party content that can influence actions.