release-notes

Warn

Audited by Snyk on Mar 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill includes lib/extract-pr-metadata.cjs (documented in SKILL.md under "PR Metadata Extraction" / Advanced Features), which can call the gh CLI (--fetch-gh) to fetch GitHub pull request titles, bodies, and labels. These fields are public, user-generated content. The fetched PR fields are parsed and used to determine PR type, labels, and summaries, and they influence categorization, versioning, and rendering decisions. External PR text can therefore be ingested and materially affect tool behavior.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 7, 2026, 03:06 PM