github-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill uses gh commands that fetch and display public, user-generated GitHub content (e.g., gh pr view --comments, gh issue view --comments, gh gist view, gh api, gh search, gh browse) so the agent would read/interpret arbitrary third‑party content from GitHub (issues/PRs/gists/repo READMEs), exposing it to indirect prompt injection.