github-pr-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). Outsider-authored free text can enter the LLM context via GitHub PR review comments and PR body/description that the operating user did not author (e.g., reviewer comments and existing PR text are fetched at runtime and may be included when generating replies or updates).