resolve-agent-reviews

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (Step "Fetch All Bot Comments" via npx agent-reviews --bots-only --unanswered --expanded) fetches and ingests PR review bot comment bodies from the current PR—arbitrary third-party/user-generated content—which the agent is expected to read and act on to make code changes and decide next actions, enabling indirect prompt injection.