secret-leak-check
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). This skill explicitly supports scanning commits and commit messages from a PR/remote (see references/scope_selection.md and references/scenario_commit_messages.md). Doing so ingests untrusted, user-generated repository diffs and commit text from remote GitHub PRs, which the agent reads and uses to drive findings and remediation decisions.