agent-swarm-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly fetches and analyzes user-generated GitHub content (e.g., issue bodies, comments, referenced issues/PRs via commands like "gh issue view ... --json body,comments,projectItems" and "--load-comments"), so it ingests untrusted third-party content that could carry indirect prompt injections.