setup-ralph-loop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs Ralph/Claude to read and act on open GitHub issues, issue comments, and (optionally) spike GitHub issues as the task source (see SKILL.md prompts like "Look at the open GitHub issues..." and the "Ralph reads them" / "Ralph's durable progress state ... lives in GitHub issues, issue comments, and commits"), which are untrusted, user-generated third‑party content that the agent is expected to interpret and that can materially change tool use and next actions.