pr-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests GitHub review threads, PR reviews, and issue-level comments via the GitHub API (see Phase 1 and references/github-api.md) and then parses bot/human comment bodies (references/bot-patterns.md) to make triage decisions and generate fix plans and subagent prompts, so untrusted user- or bot-generated content from PR comments can directly influence actions.