logic-extract

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2 "Locate Discovered Repos" step explicitly instructs the agent to search GitHub (gh api search/repositories) and clone discovered repos and then Phase 1/3 require reading and analyzing those repo contents, which are public user-generated third‑party content that can influence tracing and tool actions.