PR Review Integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly reads user-generated GitHub PR content (e.g., via "gh pr view --json body", diffs and files) and Linear issue descriptions/comments (via mcp_Linear_get_issue), both of which are untrusted third-party content that the agent interprets as part of its workflow.