command-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly shows commands that run GitHub CLI like !gh pr view $1 --json ...and!gh pr diff $1 --name-only (references/advanced-workflows.md and SKILL.md), causing the agent to fetch and interpret user-generated PR content from GitHub which can influence subsequent review actions.