gh-address-copilot-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires ingesting "user-provided review comments" from PR review threads (see "Preconditions" and "Ingest user-provided review threads" in SKILL.md), which are untrusted, user-generated third‑party content that the agent must read and act on (classify and implement fixes), allowing those comments to materially influence actions like code changes, pushes, and reviewer re-requests.