command-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly shows workflows (e.g., SKILL.md and references/advanced-workflows.md) that run GitHub CLI commands like "gh pr view $1 --json ..." and similar bash/gh API calls to fetch PRs and repo data (user-generated, third‑party content) which the agent is expected to read and act on (review/approve/deploy), so that external PR content could influence tool use and next actions.