github-pr-reviewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (SKILL.md, Preparation and Follow these steps) tells the agent to run 'gh pr view' and 'gh pr diff' (and to checkout the PR) which fetch and ingest user-generated GitHub PR descriptions and diffs from external repositories, so untrusted third-party content will be read and can materially influence review decisions.