blink-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs the agent to call the GitHub connector (e.g., blink connector exec github /repos/owner/repo/contents/README.md and other REST endpoints) to fetch repository files and PRs from public GitHub repos, which are user-generated/untrusted content the agent is expected to read and that can materially influence subsequent actions (creating issues, pushes, API calls).