ghmonitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly tells the agent to run gh run view --log-failed and poll GitHub Actions runs to retrieve and read workflow logs from GitHub (user-generated third‑party content) and to use those logs to diagnose and automatically fix failures, so third‑party content directly influences decisions and actions.