ghpm-work

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches GitHub issue bodies and comments using "gh issue view -R <content.repository> --json title,body,labels,comments" (references/clarify.md) and then reads and acts on that user-generated content to draft edits, make decisions, post comments, and create PRs, so untrusted third‑party input can materially influence the agent's actions.