github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs using GitHub CLI commands (e.g., gh issue view, gh pr view, gh run view --log, gh api) that fetch and display user-generated content from public GitHub repositories (issues, PRs, comments, workflow logs), which the agent would read and which could materially influence subsequent actions.