gh-agent-task

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill ingests and acts on user-generated GitHub issue content: the SKILL.md workflow examples and Implementation Details show the safe-output processor and workflows that read issue text ("When an issue is labeled...") and agent output to create agent tasks which then drive Copilot actions, so untrusted issue content can directly influence tool behavior.