github-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's required workflow instructs the agent/user to call and inspect GitHub content (e.g., gh pr view, gh issue create, git remote -v | grep 'github.com' and the "Confirm: PR URL is accessible / CI checks are running" steps in SKILL.md), which fetches and reads user-generated third-party content on GitHub that can influence whether to proceed, so it exposes the agent to untrusted third-party content.