gh-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required workflow is to run gh CLI commands (e.g., gh issue view --comments, gh pr view --comments --files, gh run view --log, gh api --paginate ...) which at runtime fetch outsider-authored GitHub content (issues/PR comments/logs) and returns it as readable text into the agent’s context.