github-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill documents GitHub CLI commands that fetch and display public, user-generated content—e.g., references/features-projects-releases-gists.md shows "gh gist view" / "gh gist list --public", references/features-search-api-misc.md shows "gh api" and "gh search", and it also documents "gh extension install" and "gh browse", all of which cause the agent to retrieve and interpret untrusted third-party content from public GitHub repos, gists, issues, and extensions.