github-workflow-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill sends user-generated GitHub content (e.g., PR diffs from the "Get diff"/"AI Review" steps, issue title/body in the Issue Triage workflow, and issue comments/context in the @mention bot) to AI models, so untrusted third-party input from contributors could induce indirect prompt injection.