google-continuous-fuzzing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and OSS-Fuzz integration instructions explicitly fetch and run third-party repositories and artifacts (e.g., the Dockerfile and OSS-Fuzz examples that run "git clone https://github.com/your/project.git", copy seed corpora, and the .github/workflows/fuzz.yml which checks out code), meaning untrusted, user-hosted content would be ingested and can influence build/run behavior.