github-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs the agent to read GitHub user-generated content (e.g., "gh pr view --comments", "gh issue view " and to parse PR bodies/comments) from public repositories on github.com, which are untrusted third‑party sources and can contain instructions that influence subsequent actions.