github-swarm-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and interprets user-generated GitHub pull request content (via gh pr view, gh pr diff, PR files/reviews/comments and GitHub Actions github.event.comment.body) which are untrusted third-party inputs that could contain indirect prompt-injection payloads.