create-rule

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's Phase 0 explicitly requires fetching the latest official documentation (see "Phase 0: Gather Up-to-Date Documentation" and the Task tool call to the claude-code-guide agent, plus the referenced URL https://code.claude.com/docs/en/memory), which instructs the agent to ingest external public website content that will influence rule creation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires fetching the official Claude Code memory documentation at https://code.claude.com/docs/en/memory during runtime (via the claude-code-guide subagent) and uses that external content to determine and drive the agent's rule-writing instructions, so the URL directly influences prompts and is a required dependency.