pr-resolution

Warn

Audited by Snyk on Feb 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses user-generated GitHub PR review threads and discussion comments (see references/discovery.md with gh api queries and the scripts bin/get-pr-comments and bin/parse-coderabbit-review). Those third-party comment bodies are parsed and used to classify and drive agent actions (SKILL.md phases and parallel agent launches), which could allow indirect prompt injection.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 18, 2026, 07:44 PM