iterate-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's bundled scripts and workflow (scripts/fetch_pr_feedback.py and scripts/fetch_pr_checks.py, described in SKILL.md steps 2–5 and the scripts themselves) call the GitHub CLI / API to fetch PR review threads, issue/comments, and CI logs (user-generated/untrusted content) and then parse and act on those comments/log_snippets to decide fixes and next actions, which could be influenced by malicious instructions in third-party content.