gh-address-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches GitHub PR comments, reviews, and review threads via scripts/fetch_comments.py (using gh api graphql) and SKILL.md steps 2–5, which are untrusted user-generated GitHub content that the agent reads/summarizes and can drive follow-up fixes, so third-party content could materially influence actions.