resolving-pr-issues
Warn
Audited by Snyk on Apr 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests GitHub PR review comments via gh api repos/{owner}/{repo}/pulls/{pr}/comments and issues/{pr}/comments (see SKILL.md and WORKFLOW.md Phase 1), which are untrusted, user-generated third‑party content that the agents read and use to drive verification, triage, and automated code changes—exposing the agent to potential indirect prompt injection.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata