copilot-review-loop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches Copilot review comments from GitHub PRs (see SKILL.md Step 2c and references/gh-copilot-review-guide.md which use gh api repos/{owner}/{repo}/pulls/{pr}/comments) and then reads/acts on those user-generated comments to triage and modify code, so untrusted third-party content can directly influence agent behavior.