vp-stacked-pr-rebase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and parses user-generated GitHub content (PR commits, titles, messages, and merge metadata) via gh/gh api in its core workflow (see SKILL.md and references/parent-detection.md / references/commit-classification.md), so untrusted third-party data from GitHub is read and used to drive commit classification and execution decisions.