github-agile

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime scripts (notably scripts/gh-sync-context.ts and scripts/gh-audit.ts) explicitly fetch and parse GitHub issues and PRs via the GitHub CLI (e.g., "gh issue list" and "gh pr list") — public, user-generated content — and then use that content to generate status/decision files and audit-driven recommendations, so untrusted third-party content can materially influence the agent's outputs and actions.