resolve-pr-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md Process step 2 explicitly fetches PR inline and review comments from GitHub (gh api repos/{owner}/{repo}/pulls/{number}/comments and gh pr view ...), which are user-generated/untrusted third-party content that the agent is required to read and act on (fix code and draft replies), enabling indirect prompt injection.