1k-monitor-pr-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses user-generated GitHub PR review comments using "gh pr view ... --json reviews,comments" and "gh api repos/{owner}/{repo}/pulls/<PR_NUMBER>/comments" (Step 2) and then reads/acts on those comments in Step 4 to decide fixes, so it ingests untrusted third-party content that can change agent behavior.