coderabbit-core-workflow-a

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly reads and analyzes GitHub PR diffs, PR descriptions, and PR comments as part of its workflow (see "Step 2: CodeRabbit analyzes diff" and "In PR description, add instructions..." / Step 3 commands), which are user-generated, untrusted third-party content that can directly influence the agent's review actions.