sc-pr-fix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and parses GitHub Actions run logs (untrusted, user-generated repository CI output) by extracting the run URL from gh pr checks and calling get_run_logs (which runs "gh run view --log-failed/--log") in scripts/parse_check_failures.py — invoked from scripts/fix_orchestrator.py via parse_failure_logs(check.name, check.url) — and those parsed logs are used to generate fixes and drive automated fix signals, so external content can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill fetches GitHub Actions run logs at runtime (e.g., https://github.com///actions/runs/<run_id>) via the gh CLI and the parsed log content is injected into generated prompts/suggested fixes that directly control agent instructions, and those run URLs/logs are required for the fix loop to operate.