create-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Diagnose Mode explicitly instructs the agent to invoke WebSearch/WebFetch against public vendor docs, CVE databases, RFCs and other web sources during the Step 6.5 refinement loop (rules/diagnose-mode.md), meaning the agent will fetch and interpret untrusted third‑party web content that can change its proposed edits and actions.