skf-test-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's mandatory coverage workflow (steps-c/step-03-coverage-check.md) loads and follows the Source Access Protocol (references/source-access-protocol.md) which explicitly permits using remote reading tools (e.g., gh API, zread, deepwiki, gh CLI) to fetch public repository entry-point files and provenance data; that remotely fetched, user-generated content is parsed and used to compute coverage/coherence and scoring, so untrusted third‑party content can materially influence analysis and decisions.