ai-request-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to check and read existing skills in the public GitHub repository (https://github.com/lebsral/dspy-programming-not-prompting-lms-skills and the skills/ directory), which are user-generated, untrusted third-party content that the agent must interpret to decide actions (build vs request) and to drive PR/issue creation, so third-party content could materially influence behavior.