ai-summary-comment

Warn

Audited by Snyk on Mar 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's scripts call the GitHub API (e.g., gh api "repos/dotnet/maui/issues/$PRNumber/comments" and gh api "repos/dotnet/maui/pulls/$PRNumber/commits" in post-ai-summary-comment.ps1 and others), read and parse existing PR comment bodies and commit messages (user-generated public content), and then use that parsed content to decide how to build, merge, or update comments. Untrusted third-party content can therefore materially influence the agent's actions.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 3, 2026, 11:12 PM