github-issues-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and processes user-generated GitHub issues and comments from the public repository via the GitHub API (see scripts like .claude/skills/github-issues-manager/scripts/monitor_issues.py, analyze_issues.py, and generate_fix.py), and it reads that untrusted content to drive automated triage, fix generation, comments, labels, and PR creation—so third-party issue text could inject instructions that materially change agent actions.