invoking-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's github_client.read_file (scripts/github_client.py) and integration patterns like resume_session_from_github (references/iterating-integration.md) fetch and load file contents from arbitrary GitHub repositories/branches (user-provided URLs), meaning the agent ingests untrusted, user-generated third‑party content via the GitHub API.