triaging-issues

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill autonomously fetches and parses GitHub issue content (untrusted, user-generated) as part of its runtime workflows. See the SKILL.md workflows and the scripts (e.g., scripts/duplicate-detection.sh, scripts/issue-helpers.sh, scripts/relationship-mapper.sh, scripts/validate-issue.py), which call gh issue view / gh issue list and act on issue titles and bodies to decide labeling, closing, commenting, and other actions. Third-party issue text can therefore materially influence tool use and decisions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 09:58 AM