fusion-github-review-resolution

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests GitHub PR review threads and comments (see assets/pull-request-review-threads.graphql and scripts/get-review-comments.sh) and the SKILL.md workflow requires the agent to read and act on those user-generated review comments (deciding fixes, committing, replying, and resolving threads), so untrusted third-party content can directly influence tool use and next actions.