fix-github-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and acts on user-generated GitHub content (e.g., "gh api repos/:owner/:repo/pulls/$PR_NUMBER/comments", "gh pr checks", "gh run view ... --log-failed" shown in SKILL.md), and those untrusted review comments and CI logs are read and used to drive code changes and tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime gh API calls such as "gh api repos/:owner/:repo/pulls/$PR_NUMBER/comments" to fetch PR review comments and CI logs that directly drive what the agent must do (i.e., fetched content controls prompts/instructions), so this is a required external runtime dependency that can control the agent.