skill-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's synthesis and source-discovery workflow (references/synthesis-path.md and references/source-discovery.md) and its SOURCES.md explicitly require collecting and scoring external public docs and operational evidence (e.g., upstream docs, issue threads/PRs, support threads, and other public websites), which the agent is expected to read and use to decide execution shape and authoring actions—exposing it to untrusted third‑party content that could carry indirect prompt injections.