ci-auto-fix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and reads GitHub-hosted, user-generated content (e.g., CI logs via "gh run view --log-failed", PR checks via "gh pr checks", and repository workflow/source files with "find .github/workflows"), and the agent is expected to interpret those untrusted logs/files to decide and perform fixes, so third-party content can influence actions.