executing-github-task

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads and acts on GitHub issue state via the gh tool (see execution-starter and documentation-writer instructions to inspect/confirm issue labels, comments, and the owner/repo#number task issue) — GitHub issue content is user-generated third-party data that can materially influence kickoff, tracker mutations, and subsequent decisions.