sdkman

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly auto-follows a repo's .sdkmanrc (SKILL.md Pattern D: "follow it via sdk env" and chain cd /path && sdk env && ./gradlew build), meaning it consumes untrusted, user-generated repository content and acts on it to change environment and drive subsequent tool use without confirmation.