git-commit-helper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's docs explicitly state it may fetch issue details from the public GitHub API (see "May need network access for: Fetching issue details from GitHub API" and sandbox allowedDomains api.github.com), meaning it can ingest user-generated, public content and read/interpret it as part of generating commit messages.