go-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The PR Review Workflow (Step 1) explicitly instructs the agent to fetch PR description, metadata, and diffs using gh pr view / gh pr diff (i.e., GitHub pull request content), which are user-generated/untrusted third-party content the agent will read and use to drive review actions and posting decisions.