fetch-pr-feedback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls the GitHub API to fetch issue and pull review comments from repos (repos/$OWNER/$REPO/issues/$PR_NUMBER/comments and repos/$OWNER/$REPO/pulls/$PR_NUMBER/comments), which are user-generated/untrusted content that the skill cleans, formats, and passes into the receive-feedback skill to parse and act on actionable items, allowing third-party content to influence agent decisions.