gh-fix-ci

Warn

Audited by Snyk on Feb 27, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses GitHub PR checks and GitHub Actions run/job logs (see SKILL.md Workflow step 3 and the scripts/inspect_pr_checks.py functions fetch_checks, fetch_run_log, fetch_job_log and analyze_check). These logs are user-generated, untrusted third-party content that the agent reads and uses to draft and implement fixes, so instructions embedded in those external logs could be indirectly injected and influence the agent's actions.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 01:52 AM