github-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill runs commands such as "gh pr view"/"gh pr list" and "git --no-pager log"/"git show" to fetch PR bodies and commit messages from the remote GitHub repository (user-generated third-party content) and then reads/analyses those contents to generate or modify PR titles and descriptions, which could allow indirect prompt injection.