issue-sprint

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests GitHub issue and PR content (e.g., via "gh issue view" and "gh pr view") and copies issue bodies into generated subagent prompts, so untrusted user-generated content from public repos can influence agent instructions and actions.