issue-refine

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and reads user-generated GitHub issue content via "gh issue view" (see SKILL.md step 1 and parent-issue API steps) and uses that text to re-evaluate Status and drive edits, so untrusted third-party issue content could materially influence the agent's decisions and actions.