merge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and reads PR and issue content from GitHub (e.g., "gh pr view --json title,body,files" and "use Task agents to gather context from PR/issue descriptions"), which are untrusted, user-generated third-party sources that the agent is expected to interpret as part of its workflow.