gh-process-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches PR review threads from GitHub (see scripts/fetch_reviews.sh using GraphQL and the reviews JSON with comments[]), and the workflow explicitly reads and interprets those user-generated review comments to implement fixes, exposing the agent to untrusted third-party content from GitHub.