repo-summary

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and analyzes content from GitHub (via "repo-activity" and git/gitlog analysis), including issues, PRs, commit messages and other user-generated repository data on the open web, which are untrusted third-party inputs the agent will read and interpret.