github-project-triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly uses repobar and GitHub CLI commands (e.g., repobar_cmd repos, gh issue list, gh pr list, gh pr view) to fetch and inspect issues/PRs and their text from GitHub—user-generated, third-party content that the agent is expected to read and that directly influences triage actions (comment/close/merge/rerun).