github-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests GitHub commit/PR data (see SKILL.md "Integration with Agents" example: commits = github.get_commits(repo='owner/repo', days=7") and the provided scripts (analyze_commits.py, generate_report.py, calculate_leaderboard.py) parse commit messages and code from commits.json/PR data — which are untrusted, user-generated third‑party content that the agent reads and uses to drive reviews, scores, and report-generation, so third‑party content could inject instructions that influence actions.