cmd-pr-gh-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated GitHub PR and issue comments via gh api calls (e.g., repos/{owner}/{repo}/pulls/{pr_number}/comments, reviews, and issues APIs in step 3 of SKILL.md), and those untrusted third-party comment bodies are read and interpreted to build plans and drive actions.