kotlin-compiler-plugin-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs using the deepwiki MCP (via the mcp__deepwiki__ask_question tool) to fetch and inspect live GitHub repository source code (e.g., "repo_name: 'JetBrains/kotlin'") so the agent will read and act on untrusted public third-party content when deciding extension points and implementation steps.