flutter-animating-apps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md's "How to use" explicitly tells the agent to open and install the upstream bundle from the public GitHub repository https://github.com/flutter/skills, so the agent would fetch and read public, user-provided content (README/assets) as part of its workflow, which could enable indirect prompt injection.