fetch-unresolved-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls GitHub's GraphQL API to fetch PR review threads and comment bodies (the "comments" -> "body" fields in the JSON), which are user-generated, untrusted third-party content that the agent reads and interprets.