da-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly shows using "da new my-app --template github.com/user/repo" (and other remote template forms), which means the CLI can fetch and instantiate arbitrary public GitHub/user templates (untrusted, user-generated content) as part of the documented workflow, and those templates can materially change generated code/config and subsequent tool behavior.