actions-debugger

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill accepts a user-provided GitHub Actions run URL and runs 'gh run view' to fetch and read the action logs from GitHub, exposing the agent to untrusted, user-generated content (Actions logs) from a third-party site.