performance-testing-review-ai-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill pulls arbitrary pull request diffs from GitHub (e.g., get_pr_diff, GitHub Actions checkout and GitHub API usage) and injects that user-generated content directly into LLM prompts (ai_review / review_prompt), exposing the agent to untrusted third‑party content that could carry indirect prompt injection.