pull-request-skill
Warn
Audited by Snyk on Feb 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill fetches user-generated PR comments and review threads directly from GitHub (via Octokit REST and GraphQL calls such as fetchAllReviewComments, fetchAllIssueComments and fetchReviewThreads) and then writes those comment bodies into summary.md and issue_*.md files for the agent to read, interpret and act on. This exposes the agent to untrusted third-party content and therefore to potential indirect prompt injection.
Audit Metadata