github-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly ingests GitHub webhook payloads (POST /webhooks/github) and parses events like issues, pull_request, and issue_comment which contain untrusted, user-generated content from GitHub that the agent reads and handles at runtime.