gitcode-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and acts on user-generated content from GitCode (gitcode.com) — e.g., commands like oh-gc issue:view, pr:view, pr:comments, pr:diff, and pr:list in SKILL.md — and the agent is expected to read those issues/PRs/comments/diffs and then perform actions (comment, review, merge), so untrusted third-party content could influence behavior.