create-git-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow Step 2 explicitly says "If the user passes an issue reference (issue number, URL, or path), fetch that issue and read its body and comments before drafting," which means the agent will ingest and interpret user-generated third‑party content from issue trackers (e.g., GitHub issues) that can materially influence PRD drafting and publishing decisions.