hand-drawn-diagrams

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The skill is sourced from a public GitHub repository, and its runtime workflow (installing/running the upstream bundle) would ingest the repository’s README/assets/scripts and any included text content into the agent context, which is outsider-authored free text via public web content fetched at runtime.