cc-skills-researcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs searching and analyzing public GitHub/ClawHub repos (see the "搜索 GitHub/ClawHub" step and the provided gh/clawhub search commands), which ingests untrusted user-generated content that the agent reads and uses to generate reports and decide follow-up actions.