pr-backlog-cleaner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and analyzes GitHub PR metadata and user review comments (via gh CLI commands and the pr-comment-analysis subskill's "pr-comment-grabber" that writes pr-code-review-comments/pr<PR_NUMBER>-code-review-comments.json), which are untrusted, user-generated third-party contents that the agent reads and interprets as part of its workflow.