slash-command-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's templates explicitly execute commands that fetch public, user-generated content (e.g., GitHub via [execute: gh issue list ...] and use of gh pr create in the git-workflows/pr-context and complex-command examples), and the command outputs are captured and included in prompts for the agent to read and act on.