github-repo-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly issues curl/gh calls to the public GitHub API (e.g., https://api.github.com in many "curl" examples for repos, issues, PRs, gists, and workflow runs) and the agent is expected to read and act on that user-generated GitHub content (list/parse descriptions, rerun workflows, merge PRs, set secrets, etc.), so untrusted third-party data could influence subsequent actions.