check-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly fetches and parses third‑party, user-generated CI/check output from GitHub via the GitHub CLI (see scripts/check_ci.sh calling "gh pr checks" and SKILL.md's "gh run view <RUN_ID> --log-failed"), and uses that content to determine status and drive next actions, so untrusted external content could influence behavior.