release-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill ingests and interprets user-generated content from GitHub (e.g., "Generate changelogs from commit messages", "Auto-draft releases from PRs", and creating release notes from git log/PR descriptions), which are untrusted third-party inputs the agent would read as part of its workflow.