pd-github-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the skill runs resources/pd-github.ts to list and filter issues for an arbitrary GitHub repo (e.g., "issues --repo <OWNER/REPO>"), which fetches public, user-generated GitHub issue content that the agent reads as part of its workflow and could therefore carry instructions that influence subsequent decisions.