ci-triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and interprets user-generated GitHub content (commits, workflow YAML, check runs and, when available, failing-step log excerpts) via mcp__github__get_commit / mcp__github__list_commits / get_check_runs and uses that content to classify failures and decide comments/issues, so untrusted third‑party GitHub data can materially influence actions.