github-triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md Step 1 and the "Show What Needs Attention" workflow) explicitly queries GitHub and reads full issue bodies and all comments (user-generated content from the repository's issues) as part of triage, which the agent then interprets to decide labels, comments, and follow-up actions — exposing it to untrusted third-party content from GitHub issues/comments.