superpowers-using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The "Run Project Setup" steps (e.g., running npm install, cargo build, pip install/poetry install, go mod download) explicitly fetch and execute dependencies from public package registries (npm/Crates.io/PyPI/etc.), which are untrusted third-party content that can run code and influence subsequent test results and agent actions.