implement-review-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 1: "gh pr view" / "gh pr diff" and Step 2: "gh pr checks") fetches PR content from GitHub (user-generated, potentially public third-party content) which the agent is expected to read and use to make review and posting decisions (Steps 4–7), so untrusted content can materially influence actions.