using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's "Run Project Setup" step explicitly runs package management commands (npm install, pip install, cargo build, poetry install, go mod download) which fetch and potentially execute code from public package registries (npm/PyPI/crates.io/etc.), i.e., untrusted third-party, user-contributed content that can materially influence the agent's environment and subsequent actions.