pr-fix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches PR review comments via GitHub API calls (see "Step 1: Fetch comments" with gh api repos/{owner}/{repo}/pulls/{number}/comments and reviews), reads and interprets those user-generated review bodies as part of validation and to decide fixes/commits, so untrusted third-party content from GitHub can directly influence agent actions.