rhdh

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs use of the GitHub CLI (see references/github-reference.md and SKILL.md routing to rhdh-plugin-export-overlays) to fetch PRs and file contents from public upstream plugin repositories and arbitrary tarball/OCI URLs (user-generated, untrusted sources) and to read/interpret that data to drive actions like /publish, labeling, and merge decisions, which can therefore enable indirect prompt injection.