intervals-time-entry

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly and mandatorily calls the read-github-activity capability to fetch PR titles/bodies and uses those user-generated GitHub PR/commit content to enhance descriptions, infer repo→project mappings, adjust time allocations, and decide how to fill Intervals entries (see Phase 1.5 in SKILL.md), which exposes the agent to untrusted third‑party content that can materially change its actions.