coderabbit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests GitHub PR data and review threads (via the GraphQL query in references/graphql-queries.md and REST calls like gh api repos/{owner}/{repo}/pulls/{pr_number}/comments and /reviews), which are untrusted, user-generated third‑party contents (PR comments/reviews) that the agent is expected to read and interpret as part of its workflow.