agent-github-pr-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly reads and acts on user-generated GitHub content (PR descriptions, comments, and reviews) via the gh CLI as shown in the "GitHub CLI Integration" commands and the "Review Coordination"/"Synthesize feedback" workflow in SKILL.md, so untrusted third-party input could influence agent actions.