pr-status

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill calls gh to fetch PR data and comments (e.g., "gh pr view --json comments" and "gh pr checks", "gh pr view --json reviews") and interprets PR comment bodies and CI/check outputs as part of its decision-making (Claude review detection, CI/review/merge readiness), which clearly ingests untrusted, user-generated third-party content from GitHub that can influence actions.