github-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md and reference/pr-workflow.md) explicitly uses the GitHub CLI (gh pr view, gh pr diff, gh pr checks, gh api, etc.) to fetch and read PR descriptions, diffs, checks, and comments from GitHub repositories—user-generated, third‑party content that the agent is expected to interpret and that can change its review and git actions.