issue-intelligence-analyst

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests user-generated GitHub issue content via the gh issue list / gh issue view commands described in Step 2 of SKILL.md (Fetch Issues), and those untrusted issue bodies are read and used to drive clustering and decision-making, creating a clear avenue for indirect prompt injection.