ticket-drafting-guidelines

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's "Agentic Optimizations" section explicitly instructs the agent to run GitHub commands (e.g., gh issue list, gh issue view, gh search issues) that fetch and read user-generated, public GitHub issues/PRs, which the agent would consume to inform follow-up actions like creating issues, so untrusted third‑party content could influence behavior.