github-cache-hygiene

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to run gh/gitcrawl commands such as "gh issue view", "gh pr view", and "gh search issues" which fetch issue/PR bodies, comments, and files from public GitHub repositories — untrusted user-generated content that the agent reads and can materially influence actions (comments, merges, closes).