pr-review-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill is designed to process PR review comments and explicitly references GitHub API/time comparisons, so it ingests user-generated GitHub PR comments (a third-party untrusted content source) that the agent would read and interpret as part of its workflow.