rust-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's command system (references/commands.md and SKILL.md) explicitly includes runtime flows like /crate-info, /docs and dynamic generation/syncing of crate-specific skills (/sync-crate-skills, /update-crate-skill) that ingest public crate metadata and API/docs from third‑party sources (e.g., crates.io/doc.rust‑lang.org and external crate docs) and then generate or update skills, so untrusted user-generated web content can be read and materially influence the agent's subsequent tool use and behavior.