update

Warn

Audited by Snyk on Apr 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches open GitHub issues using gh issue list (Step 3) and then parses issue bodies in Pass 1 and Pass 2 to make categorization and remediation decisions (Steps 4–6 and 9), so untrusted user-generated issue content can directly influence tool use and actions.

Issues (1)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 20, 2026, 05:27 AM
Issues: 1