git-sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md) explicitly runs git fetch and tells the agent to read commit messages and conflicting file regions from remotes ("Inspect before act" and "Resolve with context"), meaning it ingests untrusted, user-generated content from third‑party git remotes that can directly influence merge/rebase/push decisions.