Stacked PR Management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill invokes GitHub via the gh CLI (e.g., "gh pr view", "gh pr checks", "gh pr create"/"gh pr edit") and therefore fetches and interprets pull request data and metadata from GitHub (user-generated, third-party content) as part of its workflow.