codeql

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (scripts/fetch_sarif.mjs) explicitly fetch SARIF and code-scanning alerts from GitHub (elastic/kibana) for a given PR or ref and the SKILL.md describes using those fetched results as input for analysis, so untrusted GitHub-hosted content and user-generated scan messages would be read and could influence triage/next actions.