resolve-pr-reviews

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches PR review threads from GitHub via the GraphQL query in Phase 2 and then reads and interprets reviewers' comment bodies (user-generated content) in Phase 3 to decide, implement, and commit code changes, so untrusted third-party comments can directly influence agent actions.