extract-rules

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's PR Review mode explicitly fetches human review comments via the GitHub API (references/pr-review-mode.md, Steps P3–P5) and parses those user-generated, public PR comments to extract rules that will influence generated rule files and agent behavior, exposing the agent to untrusted third-party content.