prowler-provider

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's provider and service templates (assets/provider.py, assets/service.py, and assets/client.py) explicitly instantiate GitHub API clients and eagerly fetch repositories and organization data from GitHub (public, user-generated third-party content) which are then read and used by checks to determine pass/fail outcomes, so untrusted content can influence agent decisions.