helix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's references/languages.md explicitly shows tree-sitter grammars with source.git = "https://github.com/..." and the "Adding a Language" step tells the user to run "hx --grammar fetch && hx --grammar build", which causes Helix to fetch and ingest code from arbitrary public git repositories (untrusted third‑party content) that will be parsed and used by the editor and can materially change behavior.