implement-issue
Warn
Audited by Snyk on Apr 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and reads GitHub Issue content via "gh issue view" (Step 1) and uses that user-generated, public issue text to create implementation plans and drive code changes (Steps 2–4), so untrusted third-party content can materially influence agent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). This skill explicitly fetches GitHub issue content at runtime using "gh issue view " (e.g., https://github.com///issues/), and that remote issue text is injected into the agent's planning/instruction flow so it directly controls prompts and is required for operation.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata