github-jira

Warn

Audited by Snyk on Mar 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's GitHub Actions (references/github-actions.md and the included .github/workflows: jira-label-pr.yml and jira-release-sync.yml) explicitly fetch and parse user-generated content — branch names, PR titles, and the GitHub release body (and JIRA issue fields via API) — and then use those parsed values to apply labels, update JIRA fixVersions, create versions, and drive further automated actions, so untrusted third-party content can materially influence tool behavior.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 17, 2026, 06:25 PM
Issues: 1