finops-workflows

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's scripts (scripts/workflow-runs.sh and scripts/workflow-runs-org.sh) call the GitHub CLI (gh api and gh repo list) to fetch repository and Actions run data (user-generated metadata like workflow/run names, conclusions, and links) and then parse those results to drive analysis and post-action suggestions, so it clearly ingests untrusted third-party content from GitHub that can influence the agent's decisions.