write-pr-description

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to read a user-provided GitHub PR URL (metadata and full diffs) and any linked issues/docs — untrusted, user-generated third-party content — and to use that content to decide how to write/update the PR description.