authentication-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill invokes external CLIs (e.g., gh api, gh issue list, gh pr view) to fetch and parse GitHub user-generated content and then acts on it (for example syncing issues to GitLab in examples/workflow-integration.md and using gh api in README.md), so untrusted third-party content can influence subsequent tool actions.