git-issue-manage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md's Execution steps explicitly call commands like gh issue view and gh api repos/{owner}/{repo}/issues/{number}/issue-field-values and derive branch names from issue titles, meaning the agent fetches and acts on user-generated GitHub issue content (an untrusted third-party source) which can influence tool use and decisions.