gh-fix-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses GitHub PR check details and GitHub Actions run logs from third-party repositories (see SKILL.md workflow and scripts calling "gh pr checks", "gh run view --log", and "gh api /repos/.../actions/jobs/<job_id>/logs"), and those logs are read and used to summarize failures and drive fix plans, exposing the agent to untrusted user-generated content that could contain injected instructions.