github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly instructs the agent to gather and interpret structured PRs, issues, comments, patches, and repository state via the GitHub app (SKILL.md: "Gather structured PR or issue context through the GitHub app" and "PR comments, labels, and reactions"), which are user-generated, public third-party contents that can influence triage and follow-up actions.