claude-skills-overview-2026

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly describes dynamic context injection and forked web tools (e.g., the "!gh pr diff" example and WebSearch/WebFetch in the "Dynamic Context Injection" and pr-summary example files) that run live commands and ingest public PR comments/web pages (user-generated content) into the prompt for Claude to read and act on (summarize/apply fixes), which clearly exposes the agent to untrusted third‑party content that could carry indirect prompt injections.