engineer-expertise-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill uses the GitHub CLI to fetch and analyze public pull requests, PR bodies, files, reviews, and comments from GitHub (see gh pr view / gh api calls in scripts/extract_engineer.sh and the "Research Sources" section), which are untrusted, user-generated third‑party contents that the agent ingests and interprets as part of its workflow.