git-investigate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md "Why was it changed? commit message + PR" and references/commands.md showing commands like git log, git show and gh pr view 123) clearly requires ingesting commit messages, PR text, and repository file contents (user-generated/untrusted third-party content) and using that data to drive investigation decisions, which could allow indirect prompt injection.