putio-frontend-repos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's release-security.md explicitly instructs the agent to "inspect live GitHub state" and to run gh api commands (e.g., creating environments and checking branch/tag policies), which requires fetching and interpreting user-generated repository data on GitHub that can materially influence deployment and workflow decisions.