ah-submit-code-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests user-generated GitHub PR content (e.g., via "gh pr view $PR_NUMBER --json ..." and "gh api repos/$REPO_OWNER/$REPO_NAME/pulls/$PR_NUMBER/comments") and then reads and acts on PR body/comments to deduplicate issues and decide/submit review actions, so untrusted third-party content can influence its behavior.