release-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and interprets user-generated repository data (git commit messages and bodies via git log/diff in "Step 2" and PR author metadata via "gh pr view" in "Step 4") — untrusted third-party content from GitHub/commit history is used to determine version bumps, changelog entries, and commit content.