codex-code-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill integrates with GitHub PRs and CI (e.g., manual "@codex review" on PRs and the GitHub Action that checks out PR/repository code via actions/checkout), causing the agent to ingest and analyze user-generated repository/PR content from public third-party sources which could contain indirect prompt-injection.