git-sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflow (Phase 1 and Phase 3 in SKILL.md) explicitly runs commands like git fetch origin, git fetch upstream, git log, and gh pr view to read commits and PR metadata from remotes (origin/upstream), thereby ingesting untrusted, user-generated repository content which is used to decide sync strategy and next actions.