tidy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly runs GitHub commands (e.g., "gh issue list" and the deduplication step that "Compare issue titles and bodies") and therefore ingests and interprets user-generated issue content from GitHub which can directly influence actions like closing or editing issues, creating a clear vector for indirect prompt injection.