gh-issue-fix-flow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to run "gh issue view --repo <owner/repo> --comments" to ingest GitHub issue text and comments (user-generated, potentially public) and to read that content as part of its workflow, exposing it to untrusted third-party input.