orbit-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly pulls live, user-generated GitHub data ("Pulls the past 24 hours of PRs, review requests, issues, CI runs, and merges from the user's authenticated GitHub connection" in SKILL.md) and the shipped example.html (and its ) reads PR titles/labels and uses that content to populate the UI and build URLs, so untrusted third‑party content is ingested and directly drives rendering/behavior.