composio-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and decodes repository files and READMEs via the Composio GitHub actions (references/actions.md: GITHUB_GET_REPOSITORY_CONTENT and GITHUB_GET_A_REPOSITORY_README), which are user-generated, potentially public GitHub content that the agent is expected to read and that could influence subsequent actions like creating issues, PRs, or merges.