quality-gate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly fetches and ingests GitHub PR content (e.g., "gh pr diff" and "" referenced in Step 1/Step 2 of SKILL.md), which is user-generated third‑party content that the quality-gate agent reads and uses to make decisions, creating a risk of indirect prompt injection.