pma-cr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and inspects public GitHub pull requests and diffs (see SKILL.md PR invocation and agents/code-reviewer.md steps using gh pr view / gh pr diff and posting gh pr review), which are user-generated, untrusted third-party content that the agent reads and uses to decide and perform review actions.