github-issue-triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests GitHub issues, PRs, and comments from repositories (via the gh CLI and scripts/gh_fetch.py) and inserts issue.body and fetched comments into the agent prompts/background tasks, exposing it to untrusted, user-generated content from public repositories.