gh-deps-intel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and ingests public, user-generated content—e.g., GitHub releases/tags/changelogs via scripts/gh_release_fetch.py (gh api calls and GET /repos/{owner}/{repo}/contents/{path}) and package metadata from npm/PyPI via scripts/repo_resolver.py's _http_json—then scripts/gh_deps_intel.py and impact_analyzer.py read and act on that content to choose targets, risk levels, and refactor actions, so external release/changelog text can materially influence decisions and tool behavior.