create-merge-request-changelog
Warn
Audited by Snyk on Apr 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated MR metadata, commit messages, and diffs from GitLab (see the SKILL.md Option B examples and scripts/fetch_gitlab_mr.py, which accepts full GitLab URLs). It then instructs the AI (references/analysis_prompts.md and the workflow) to read and act on that content to generate MR titles and descriptions, so untrusted third-party content can influence agent behavior.
Issues (1)
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).