knowledge-explorer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's fetch-github command (see "What it fetches" in SKILL.md) uses the gh CLI / gh api to fetch arbitrary GitHub repository metadata, README and docs (public, user-generated) which the agent ingests into draft KB entries and influences subsequent add/update/generation workflows, so untrusted third‑party content can materially alter behavior.