responding-to-pr-review-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly collects and interprets user-generated PR review comments from GitHub (see subagents/review-comment-collector.md and SKILL.md requiring PR_URL) and may fetch public external pages per references/external-sources.md, and those third-party contents are used to drive assessments, draft replies, and posting decisions—so untrusted web content can directly influence agent actions.