pr-comment-responder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly retrieves and ingests user-generated GitHub content (e.g., PR review comments via scripts like pr/get_pr_review_comments.py --include-issue-comments and pr/get_pr_review_threads.py) and uses the full comment context/diff_hunk to classify, delegate, and drive automated actions (Phase 1/2/3/6 in SKILL.md), so untrusted third-party content can materially influence agent behavior.