create-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The Update flow explicitly fetches and reads GitHub issue content via "gh issue view " (user-generated GitHub issues/comments), and the agent uses that content to decide edits/comments, so untrusted third-party instructions could influence its actions.