gitcode-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill fetches and parses content from public GitCode repositories and PRs (e.g., using git fetch/git show to read .gitee/PULL_REQUEST_TEMPLATE.zh-CN.md and gitcode_list_pull_requests/gitcode_get_issue), which are public/user-maintained sources that the agent reads and incorporates into PR/issue bodies and workflow, exposing it to untrusted third-party content that could enable indirect prompt injection.