agent-github-pr-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly reads and acts on GitHub pull requests, PR descriptions, reviewer comments, and linked issues via the gh CLI (e.g., gh pr status, gh pr review), which are user-generated content on a third-party platform and therefore untrusted input the agent will interpret.