tools-repo-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and clones public GitHub repositories (see scripts/repo_review_om.py: fetch_org_repos and clone_single_repo using gh/git) and SKILL.md examples like "Review https://github.com/org/repo", then reads and interprets commits/files to drive analysis and management recommendations, so untrusted, user-generated third‑party content can materially influence its actions.