resolve-pr-feedback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests GitHub PR review threads, top-level PR comments, and review bodies via scripts/get-pr-comments and GraphQL (review_threads, pr_comments, review_bodies) and passes the full, user-authored comment text into resolver agents that drive code-change decisions, so untrusted, user-generated third-party content can directly influence tool actions.