submit-to-cran

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The workflow explicitly requires running urlchecker::url_check and reviewing win-builder / R-hub build logs and URL results (Steps 4, 5, 6 in SKILL.md), which fetch and expose arbitrary public web pages and external build logs that the agent is expected to read and act on, so untrusted third‑party content can influence next actions.