github-pr-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill invokes the GitHub CLI to create and view PRs (e.g., scripts/Invoke-GitHubPRWorkflow.ps1 uses gh pr create, gh pr view, gh pr list and the SKILL.md/README describe these steps), thereby ingesting user-generated GitHub data (PR bodies/metadata) from the public third-party service and using that data (e.g., the PR's mergeable status and gh output) to decide whether to merge—exposing it to untrusted third‑party content that can influence actions.