ghpm-shared

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required startup/cache flow (SKILL.md + references/cache.md) automatically re-fetches GitHub Project items via the gh project item-list command, ingesting user-generated issue/project content that the agent reads and uses to drive recommendations and session actions, creating a clear vector for indirect prompt injection.