fix-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and reads GitHub Actions CI logs (see "Fetch — Download CI logs from GitHub Actions", the "Github Actions URL" field, and Workflow step 1: "read the github actions logs with gh command"), which are user-generated third‑party content that the agent must interpret and act on, enabling indirect prompt injection.