gh-issue-kickoff

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches live GitHub issue data with the command gh issue view {<number> | <url>} and instructs the agent to read the issue title, body, and comments (user-generated content) and then make edits or decisions, so untrusted third-party content from GitHub can directly influence actions.