fetch-ticket

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and parses user-generated content from public third-party sources (e.g., GitHub via the gh issue view / gh pr view commands and YouTrack comments via mcp__youtrack__get_issue_comments), and it uses that content (description, comments, and milestone fields) to make decisions like extracting and selecting a target git branch—creating a clear path for indirect prompt injection.