fix
Warn
Audited by Snyk on Mar 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's pr-comments workflow explicitly runs "github-search (fetch PR context)" and the example "/fix pr-comments" shows it fetches PR comments and uses them ("Comments: {diagnosis.pr_comments}" → "Create implementation plan for each comment"), so the agent ingests user-generated, potentially public GitHub content that can materially influence planning and actions.
Issues (1)
W011 MEDIUM: Third-party content exposure detected (indirect prompt injection risk).