init-private-rules

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly fetches and parses a public manifest at https://raw.githubusercontent.com/dev-goraebap/agent-collab/main/manifest.json (see "Skill update check" in SKILL.md guardrails), and the fetched data is used to decide whether to stop, warn, or change execution flow—exposing the agent to untrusted third-party content that can influence actions.