mise-configuration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's GitHub Token Multi-Account Patterns explicitly instructs running commands that fetch data from the public GitHub API (see "Account Alignment Verification" in references/github-tokens.md which runs gh api user --jq '.login') and uses that external, user-generated account data to verify/choose tokens and influence account/tool behavior, so it consumes untrusted third‑party content that can affect next actions.