stale-pr-reminder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's required workflow (Step 1–3) explicitly calls list_repo_pulls, get_pull_detail, and list_pull_comments to fetch PRs and reviewer comments from Gitee repositories (user-generated, third‑party content) which the agent parses and uses to classify staleness and decide actions, exposing it to potential indirect prompt injection.