copilot-pull-request

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches PR details and reviewThreads (review comments) from GitHub using the built-in PR/issue APIs, which exposes the agent to user-generated, potentially untrusted content (comments/diffs) from third-party repositories.