code-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly fetches and ingests user-generated GitHub content (PR metadata, diffs, files, and linked issue bodies) using commands like "gh pr view --json …", "gh pr diff ", and "gh issue view ", so arbitrary public PR/issue text and file contents are read and used to drive review decisions and automated posting.