skill-security-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts a target Skill "remote repository URL" to pull and then extracts and analyzes SKILL.md and referenced URLs (see "Prerequisites" in SKILL.md and functions like extract_urls and scan_prompt_injection in references/tools.md), so it fetches and interprets arbitrary public/user-generated repo content that can materially influence audit actions and verdicts.