watch-github-actions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md instructs the agent to run gh CLI commands that fetch GitHub Actions runs and job logs from GitHub (e.g., "gh run view --log", "gh run list", "gh pr checks "), which are untrusted/user-generated third‑party contents that the agent is expected to read and use to decide actions like rerunning or cancelling jobs.