using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's required workflow (SKILL.md) auto-runs dependency installation/build steps (e.g., "npm install", "cargo build", "pip install -r requirements.txt", "poetry install", "go mod download") which fetch and incorporate untrusted, user-contributed packages from public registries and can materially affect runtime behavior or execute code, enabling indirect injection risks.