git-branch-pr-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's pr-context.sh script and SKILL.md explicitly run git fetch origin and parse commit messages, diffs, and issue/PR data (and may use gh or mcp__github__* calls) to build PR titles/bodies, so it ingests untrusted, user-generated remote repository content and uses it to influence PR creation and other actions.