gh-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md contains gh api GraphQL queries that fetch GitHub Discussions (title, body, comments, authors) — public, user-generated content the agent would read as part of its workflow and could influence follow-up actions like comments or PR decisions.