Command Development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs commands to fetch and ingest user-generated content from public sources (e.g., GitHub PR data via !gh pr view $1, `!`gh pr diff $1, and gh api ... in SKILL.md and advanced-workflows.md), which Claude is expected to read and act on (review/approve/request changes), so untrusted third-party content could materially influence tool use and next actions.