github-issue-driven-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly relies on and manipulates GitHub Issues/Projects via the gh CLI (see SKILL.md workflow step 2 and scripts/codex-gh-workflow cmd_draft_issue, cmd_status, cmd_install_repo_labels, cmd_create_project which call gh project/issue commands), meaning it will read and act on user-generated, public GitHub content that can influence subsequent actions.