personal-commit-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated content from GitHub (via gh GraphQL/REST calls in scripts/collect_commit_review.py and Workflow step 3 of SKILL.md that directs the agent to read README/architecture/docs, commit messages, and repo metadata) and then uses that content to pick storylines, highlights, and drive writing decisions, so third-party content can materially influence agent actions.