committing-scoped-changes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs subagents (see references/external-sources.md and the "Progressive Retrieval" sections in SKILL.md and each subagent file) to fetch public URLs such as git-scm.com, conventionalcommits.org, and external blog/UX pages, and those fetched, untrusted public pages are used to change grouping, message format, staging/verification behavior, or other commit decisions—so third-party content is read and can materially influence agent actions.