gh-address-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill uses the gh CLI to fetch PR review and issue comments via endpoints like gh api repos/{owner}/{repo}/pulls/{number}/comments and repos/{owner}/{repo}/issues/{number}/comments, which are user-generated GitHub content that the agent will read and summarize (exposing it to untrusted third-party input).