github-pr-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs GitHub CLI commands (e.g., gh pr view, gh pr list, gh pr diff, gh pr comment) that fetch PR descriptions, comments, and code from GitHub—user-generated/public content—so the agent will read and interpret untrusted third-party content.