run-github-repo-evaluate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public, user-generated GitHub content (e.g., the README and source files via the 'gh api repos/OWNER/REPO/readme' call referenced in references/code-level-analysis.md and the subagent prompt in references/subagent-dispatch-guide.md), and those contents are interpreted to drive scoring and recommendations, so untrusted third-party text can materially influence agent decisions.