babysit-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses untrusted, user-generated content from public third-party sources — e.g., PR review threads, reviews, and issue comments via GraphQL/REST (One-Shot Phase 1 "Fetch" and references/github-api.md) and external CI logs/details (references/ci-platforms.md) — and then uses that content to triage, plan, and drive automated actions (Phase 3/4 and Monitor Phase 4/5), so third-party content can materially influence tool use and decisions.