swift-code-reviewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 1 "Context Gathering" (SKILL.md / core/swift-code-reviewer.core.md) explicitly instructs the agent to load and parse PR/issue text and diffs using commands like gh pr view, gh issue view, gh pr diff, and linked issue bodies — these are untrusted, user-generated third‑party contents that the agent will read and use to drive review decisions and follow-up actions, creating a clear risk of indirect prompt injection.