setup-matt-pocock-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to read and act on GitHub issues and comments (see backlog-github.md and SKILL.md "fetch the relevant ticket" / "gh issue view --comments"), which are untrusted, user-generated public content that the agent will parse and use to decide labels and next actions — exposing it to indirect prompt injection.