github-pr-review-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This workflow explicitly fetches and reads user-generated GitHub review comments and threads (e.g., via "gh api repos///pulls/<PR_NUMBER>/comments" and "gh pr-review threads list"), so the agent ingests untrusted third-party content that could contain indirect prompt injection.