resolve-pr-comments

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The workflow explicitly fetches and lists PR review threads using the pull-request-tool (via pr-url or repo/pr-number) and then reads and interprets reviewers' comments and thread context, which are user-generated, untrusted content from public GitHub PRs, so it consumes third-party content as part of its workflow.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 09:04 AM