github-scrum-flow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses the gh CLI to view and comment on GitHub Issues as part of its required workflow (see "Phase 1: Sync with GitHub Issue" and the "GitHub (gh)" cheatsheet), which means it ingests user-generated GitHub content that can influence branching, commits, PR creation, and other agent actions and therefore could enable indirect prompt injection.