cmd-fix-github-actions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to fetch and inspect GitHub Actions run logs (see Process step 1: gh run view --log-failed), which are untrusted third-party/user-generated content that the agent must read and use to decide fixes, so those logs could carry indirect prompt-injection instructions.