bug-triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and reads public, user-generated GitHub issues and their comments (via the "gh issue list" / "gh issue view ... --comments" steps in Step 1) and uses that content to categorize, draft, and decide actions, so untrusted third-party content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches GitHub issue bodies and comments at runtime (via gh issue view / the issue URL pattern https://github.com/apify/apify-mcp-server/issues/), and that fetched content is required and directly drives the agent's drafted responses, so it is a runtime external dependency that controls prompts.