github-swarm-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly reads and acts on public, user-generated GitHub issue content (e.g., "gh issue view ... --json title,body,labels,assignees,comments" and GitHub Actions handling issue_comment in SKILL.md's Quick Start/Usage Examples/Automated Triage/GitHub Actions Integration), using issue bodies and comments to determine topology, labels, and to trigger agent actions—exposing the agent to untrusted third-party content that could include injected instructions.