implement-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 1 explicitly fetches GitHub Issue content via "gh issue view ", meaning it ingests public, user-generated GitHub issues which the agent is required to read and use to plan and implement code, allowing malicious or instructive third-party content to influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs "gh issue view " at runtime to fetch a GitHub Issue (i.e., a GitHub Issue URL) and uses that remote issue content to drive planning and implementation, so the fetched URL-controlled content directly controls agent instructions.