write-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly uses prompt preprocessing via !`command (e.g., "Diff: !gh pr diff", "Analysis: !python ${CLAUDE_SKILL_DIR}/scripts/analyze.py" in frontmatter/preprocessing examples) which injects external, user-generated content (PR diffs/CLI/API outputs) into the agent prompt and therefore could allow indirect prompt injection from untrusted third-party sources.