github-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md and examples explicitly fetch and parse user-generated content from GitHub (e.g., Octokit REST calls and GraphQL queries that retrieve issue/PR bodies and comments, and gh CLI workflows that read titles/bodies to extract issue numbers and auto-link/auto-comment/auto-close), so untrusted third‑party content from public GitHub repos is ingested and used to drive actions and decisions.