bmad-os-gh-triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches GitHub issues with gh issue list --json number,title,body,labels (SKILL.md Step 1) and instructs agents to "Paste the batch of issues here" (agent-prompt.md) so the agent will read and act on untrusted, user-generated GitHub issue content when deciding priorities and generating gh commands.