to-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's "Gather context" step explicitly tells the agent to fetch a GitHub issue URL with gh issue view <number> (with comments), which ingests public, user-generated content from GitHub that the agent will read and use to drive issue creation and decisions.