check

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Triage Mode (SKILL.md) explicitly runs gh issue list -R <repo> and gh pr list -R <repo> to pull GitHub issues/PRs (user-generated, potentially public content) and requires the agent to read, classify, and draft responses based on that content, so third-party text can directly influence decisions and GitHub actions.