git-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches user-generated review threads and comments from third-party GitHub/GitLab APIs (e.g., SKILL.md and references/pr-comment-workflow.md showing gh api graphql reviewThreads and glab api .../discussions) and instructs the agent to read and act on those comments (reply, fix, resolve), so untrusted content can materially influence tool use and decisions.