gen-release-notes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Step 1 explicitly fetches merged PR data using the gh pr list ... --json command against the project's GitHub remote (user-generated, third-party content) and then requires the agent to analyze and categorize those PRs to generate release notes, so those external PR titles/descriptions can materially influence the agent's actions.