parallel-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Agent Coordination docs explicitly instruct running a review agent that checks out and "read[s] a PR diff" (references/agent-coordination.md) using gh/git operations against GitHub PRs and comments, meaning the agent will ingest and act on user-generated, public PR content which could contain untrusted instructions.