exploring-repos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly calls DeepWiki APIs (mcp__deepwiki__read_wiki_structure, mcp__deepwiki__read_wiki_contents, mcp__deepwiki__ask_question) to ingest AI-generated documentation derived from public GitHub repositories (and even suggests fallbacks like the gh CLI and Perplexity), meaning untrusted, user-generated third-party content is read and interpreted as part of the agent's workflow.