github-workflow
Warn
Audited by Snyk on Mar 31, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly reads and acts on user-generated GitHub content via the GitHub CLI and API (e.g., "gh issue list", "gh issue view", "gh api repos/user/repo/milestones", /pr-create and auto_track_issues.py), so content in public issues, PRs and milestones could influence agent decisions and tooling behavior.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).