resolving-github-pull-request-reviews

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses GitHub PR review threads and check outputs (e.g., GraphQL reviewThreads queries and gh pr checks) and requires the agent to read user-authored comment bodies and suggestion blocks and act on them (apply fixes, commit, and resolve threads), so untrusted third-party content from GitHub could influence agent behavior.