pr-comments-address

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill fetches and reads user-generated GitHub PR comments via the GitHub CLI (gh pr view --comments --json reviews,comments,reviewThreads) and then uses those comments to triage, decide on code changes, and draft/post replies, so untrusted third-party content can directly influence the agent's actions.