github-actions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch and inspect GitHub workflow logs and artifacts via the GitHub CLI (e.g., "gh run view --log", "gh run download", "gh workflow view") from the repository and related web/status pages, which are user-generated/untrusted third‑party content and are used to decide reruns or trigger workflows, so those external contents can materially influence agent actions.