github-project-board

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and processes user-generated content from GitHub (issues, PR bodies, PR lists, and project items) via gh CLI and API calls shown in SKILL.md (e.g., "gh pr view ... --json body", "gh issue list ...", "gh project item-list ..."), and then uses that content to drive actions like moving cards and assignments, so untrusted third-party content can materially influence agent behavior.