impl-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and parses user-generated review comments from GitHub (see "Fetch Review Comments" step with gh api repos/brave/brave-core/pulls/$PR_NUMBER/reviews and related endpoints and "Analyze Review Feedback" which instructs the agent to interpret and act on those comments), which are untrusted third-party content that can influence actions.