dotnet-github-releases

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses GitHub and the gh/GitHub API (e.g., gh release create --generate-notes, gh release view/list, API curl examples) and reads repository-generated content (auto-generated release notes from PRs/commits, CHANGELOG.md, uploaded release bodies) which are untrusted, user-generated third-party content and are used to populate release notes and drive release/publish workflows (e.g., draft-then-publish triggering CI), so third-party content can directly influence agent actions.