comprehensive-code-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory workflow explicitly fetches and ingests user-generated GitHub PRs/issues and diffs (e.g., "gh pr view ", "gh pr diff ", "gh issue view ") and uses that content to drive review decisions and GitHub actions, exposing the agent to untrusted third-party content that could contain indirect prompt-injection.