fix-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests user-generated GitHub issue bodies, comments, and attached images via "gh issue list" and curl + Read (see Step 1.2 and Step 1.3e), and it must interpret that untrusted content to triage and decide/follow-up actions (classify, fix, create PR), which enables indirect prompt injection.