gh-fix-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses user-generated GitHub content (PR metadata and GitHub Actions logs) via the GitHub app and gh commands (e.g., "gh pr checks", "gh run view --log", "gh api /repos/.../actions/jobs/.../logs" and the plugin-provided PR metadata) and then reads those logs/snippets to summarize root causes and decide fixes, so untrusted third-party content can materially influence agent actions.