ce-resolve-pr-feedback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches GitHub PR review threads and top-level comments via scripts/get-pr-comments and the GH API and passes the full, untrusted comment text into resolver agents (see SKILL.md steps 1 and 5), so user-generated GitHub comments can be interpreted and drive code-change, reply, and dispatch actions.