open-source-maintainer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests and analyzes user-generated GitHub content (issues, PRs, review comments and contributor activity) — e.g., "triage issues, review PRs, analyze contributor activity" and "PRs are intelligence sources" — which are untrusted third-party inputs.