github-review-check-duplicate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md Step 1–3) explicitly fetches and ingests user-generated GitHub issue titles, bodies, and comments from public repositories via gh commands (e.g., "gh issue view", "gh search", "gh api ...timeline"), which the agent reads and uses to decide duplicates and take actions, exposing it to untrusted third-party content that could contain injected instructions.