github-issue-solve

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly collects and ingests user-generated GitHub issue and comment content (${GITHUB_CONTEXT_DIR}/github/issue.json and ${GITHUB_CONTEXT_DIR}/github/comments.json) via ghx/gh as required context (see "Context Collection" and "Analyze Issue" in SKILL.md), and that content is used to decide code changes and PR actions, so malicious instructions in issues/comments could influence behavior.