snap-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Workflow (Step 1 "Source") explicitly uses gh pr view/gh pr diff and "Fetch linked issue bodies + comments" to read GitHub PRs, PR comments, and linked issue/URL content (user-generated public content) and uses that content to determine review intent and actions, so untrusted third-party text can influence decisions.