git-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and interpret live, user-generated data from public GitHub/GitLab (e.g., gh pr checks, gh run view --log-failed, glab ci trace and related commands in the "CI Status", "Specific Run Details" and "Run Logs" sections), so untrusted third-party content (PR descriptions, logs, workflow outputs) will be read and can materially influence decisions or tool use.