git-commit-push-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and reads user-generated GitHub PR content (e.g., "gh pr view --json body --jq '.body'" and related gh repo/pr commands in DU-3 and Step 6) and uses that content to compose, compare, and edit PR descriptions, so untrusted third-party PR text can influence the agent's decisions and actions.