triage-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and interprets user-generated GitHub issue content (title and body) via the "gh issue view $ARGUMENTS --json title,body,labels,author" step and then uses that content to drive reproduction, decide fixes, and create PRs, so untrusted issue text could indirectly inject instructions that change agent behavior.