git-worktree-workflows

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflows (notably rules/patterns/code-review.md and rules/creation.md) explicitly instruct using commands like "gw pr https://github.com/user/repo/pull/123" and "gw add --from " which fetch and check out public GitHub PRs and remote branches—untrusted, user-generated content the agent would ingest and could materially influence follow-up actions (installing/running code, hooks, tests).