fix-renovate-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill requires reading GitHub PR bodies, issue comments, and CI job logs via MCP GitHub tools (e.g., "Review PR context and comments" and "Read failing job logs end-to-end"), which are untrusted, user-generated third-party content that the agent must interpret to decide fixes.