ship-and-babysit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and processes user-generated GitHub content (e.g., "gh api repos/tinyhumansai/openhuman/pulls//comments", issue comments, and GraphQL reviewThreads plus CodeRabbit feedback) and instructs the agent to read, interpret, and act on that untrusted third-party content when deciding fixes and next actions.