codex-exec

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Update Check" step fetches a public file from https://raw.githubusercontent.com/abpai/skills/main/versions.json and uses that remote metadata to decide whether to pause and offer running an update (npx skills update), so it ingests untrusted third-party content that can change the agent's subsequent actions.