repo-config

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads per-repo .github-repo-manager.yml from repositories (via gh-manager config repo-read / config resolve), which are user-generated, potentially public repo files that the agent parses and uses to drive config/behavior, so untrusted third-party content can materially influence actions.