draft-blog-post

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (see "Source of truth" and "Gather context before drafting" in SKILL.md) instructs the agent to fetch and interpret git history from the public GitHub repositories (https://github.com/ShareX/XerahS.git, https://github.com/ShareX/ShareX.ImageEditor.git, https://github.com/McoreD/XerahS.Editor.git), which are untrusted, user-generated third‑party content that the agent must read and use to drive drafting and commit decisions.