github-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs the agent to be used "when responding to GitHub issues, bug reports, feature requests, or any GitHub discussion" (SKILL.md top description) and includes handling of user handles and issue content in the Opening Pattern and Core Elements, meaning the agent will read and act on public, user-generated GitHub content that could contain adversarial instructions.