crit-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and syncs PR review comments from GitHub (see the "syncing with a GitHub PR (pull or push)" section and "crit pull [pr-number] Fetch PR review comments into the review file"), which are user-generated, untrusted third-party contents the agent will read and can influence subsequent actions (e.g., crit push), enabling indirect prompt injection.