fetch-pr-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Step 1 shows the skill calling the GitHub API (graphql) to fetch reviewThreads and comment bodies from a PR, which are untrusted, user-generated third-party contents that the agent reads and summarizes, allowing those comments to influence its output.