github-app-scaffold

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill implements Probot webhook handlers and uses Octokit to read and act on GitHub data (issues, PRs, comments, diffs) — i.e., user-generated content on GitHub — which is untrusted third-party content the agent is expected to read and interpret (see "Implement webhook handlers" and "Common Use Cases" referencing PR/issue content and diffs).