gh-code-scanning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly calls the GitHub API via the gh CLI (see scripts/Get-CodeScanningAlerts.ps1 and scripts/get-code-scanning-alerts.sh using "repos/{owner}/{repo}/code-scanning/alerts") and programmatically parses rule descriptions and sample paths (user/repo-generated content) which are then used to drive actions like grouping, filtering, and backlog issue creation, so untrusted third‑party content can materially influence agent behavior.