paw-tools-release

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests repository data (e.g., git fetch --tags in references/01-validate.md, git log + ./scripts/parse_commits.py in references/02-version.md and references/03-changelog.md) and then uses the resulting commit messages/changelog as release notes passed to gh release create in references/04-release.md, meaning untrusted, user-generated content from the remote repository/GitHub can be read and directly influence version bumps and release actions.