github-issue-tracker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows use of the gh CLI to list/view/comment on GitHub issues (e.g., "gh issue list", "gh issue view", "gh issue comment"), meaning the agent reads and acts on public, user-generated GitHub issue and comment content which can influence its actions.