contribute-turbo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill pulls and reads files from the upstream public repo (e.g., git -C ~/.turbo/repo pull --rebase origin main and reading ~/.turbo/repo/SKILL-CONVENTIONS.md), so content from that third‑party GitHub repo can be ingested and materially influence actions like running /update-turbo, applying migrations, or shaping commits/PRs.