github-actions-hardened

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs the agent to look up action release tags on public GitHub (e.g., "Before writing any workflow, look up the current latest major version... With web/search access: search github.com///releases" and via gh api), which requires fetching and interpreting untrusted third‑party content that can materially change generated workflow decisions.