sem-inspect-weave

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes commands and a script that run "inspect pr" (references/commands.md and scripts/inspect-review-target) which uses gh to fetch and interpret GitHub pull request content (user-generated, public third‑party data) as part of its analysis and decision workflow, so untrusted PR content could indirectly influence tool behavior.