homebrew-cask-authoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md and references) instructs the agent to read and act on content from public, user-generated sources—e.g., searching and inspecting GitHub PRs/issue pages ("Search closed unmerged PRs", "check open PRs") and verifying/using external download URLs for artifacts—so untrusted third-party content is explicitly fetched and used to decide cask creation/testing steps.