github-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documented commands (e.g., "npx claude-flow github review --pr 123" and "npx claude-flow github issues list") require ingesting PRs, issues, and comments from GitHub — public, user-generated content that the agent would read and could materially influence tool actions and decisions.