repomix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports fetching and processing remote public repositories (e.g., GitHub URLs via "npx repomix --remote" described in SKILL.md's "Remote Repository Support" and implemented in scripts/repomix_batch.py), so it ingests untrusted, user-generated third‑party content which is then packaged and used for downstream AI analysis and could therefore enable indirect prompt injection.