vs-fix-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly fetches and parses user-generated PR comments via GitHub commands (e.g., "gh pr view ... --json comments" and "gh api repos/$REPO/pulls/$PR_NUM/comments ...") and then reads and acts on those comment bodies to decide fixes, draft replies, and resolve threads, so untrusted third-party content can materially influence actions.