gh-daily-timeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The script explicitly fetches user-generated GitHub content via gh api "/users/$USERNAME/events" and per-repo compare calls (see EVENTS_JSON and COMMITS in gh-activity.sh) and then reads/displays commit messages, issue titles, PR titles and comments as part of its workflow, exposing the agent to untrusted third-party text that could influence decisions or subsequent actions.