consult

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly says it queries external AI CLIs (Gemini CLI, Codex CLI, Claude Code, OpenCode, Copilot CLI) and returns their responses as part of its workflow, exposing the agent to untrusted third-party output that could contain instructions and influence decisions.