gspdev-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly runs GitHub CLI commands (e.g., "gh api repos/jubscodes/get-shit-pretty/milestones" and "gh issue list") and instructs the agent to "Read issue bodies to extract Related / Blocks / Depends on" so it ingests user-generated GitHub issue content and uses that content to drive dependency analysis and task recommendations, allowing untrusted third-party text to influence behavior.