oh-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). Outsider-authored free text can enter the LLM context via GitHub PR/commit check-run log content fetched at runtime (gh api .../check-runs/.../annotations and gh run view --log-failed), which includes failure messages/annotations written by external CI workflows and other contributors.