github-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads GitHub issue bodies and comments from the GitHub API (see SKILL.md Steps and scripts/github-issues.mjs which call /repos/{owner}/{repo}/issues and /issues/{number}/comments) and uses that user-generated, untrusted content to classify issues and decide actions (comments, code changes, closes), so third-party content can materially influence behavior.