fetching-github-issue
Warn
Audited by Snyk on May 8, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly reads GitHub issue bodies and comments via the GitHub read path (see ./subagents/issue-retriever.md and SKILL.md: use of `gh issue view` and `gh api .../comments/timeline`), ingesting untrusted, user-generated content and using that content to extract Acceptance Criteria, populate the snapshot, and drive downstream workflow decisions, allowing third-party text to materially influence agent behavior.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata