issues-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and parses GitHub issue URLs and labels (user-generated content) as part of its workflow — see references/auto-link-config.md (PostToolUse hook) and SKILL.md gh issue list/view/--json examples — and uses those labels/URLs to decide whether to add/link items to Projects, so external issue content can change agent actions.