github-release

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs git fetch --tags and inspects commits via git log to determine the next semver and to draft release notes, meaning it ingests user-generated commit messages from the (possibly public) remote repository which can directly influence versioning and subsequent actions.