github-modes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill issues GitHub API/CLI commands that fetch and display user-generated, public content (e.g., gh pr view / gh pr diff, gh issue list, and gh api repos/:owner/:repo/contents/file.md which decodes repository files), so the agent would read and act on untrusted third-party data such as PR descriptions, issue bodies, comments, and repo contents.