git

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to use gh CLI commands like "gh issue list" and "gh issue view" to read issue context (user-generated GitHub content), which are third-party/untrusted sources the agent is expected to interpret and use when composing PRs.