repo-activity

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill calls the GitHub API ("gh api") to fetch repository data including issues, PRs, comments, and contributor activity—user-generated public content that the agent reads and summarizes (e.g., latest comment previews), exposing it to potential indirect prompt injection.