github-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill routinely calls the GitHub API and gh CLI (e.g., gh api repos/{owner}/{repo}/pulls, gh issue list, gh pr view, gh api .../comments) which fetches public, user-generated content (PR bodies, issues, comments, commits) that the agent is expected to read and interpret.