git-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use the gh CLI to list, view, review, and act on GitHub pull requests and issues (e.g., "gh pr view", "gh pr list", "gh pr review"), which requires reading and acting on user-generated, potentially public third‑party content hosted on GitHub.