managing-starship-fork

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly runs "git fetch upstream" and "git merge upstream/master" against the public upstream repo (upstream: starship/starship), which ingests untrusted third-party code from GitHub that could change the built binary and thus alter agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs git fetch/merge against the upstream and origin repositories (TrevorS/starship and starship/starship) and then cargo builds and installs the resulting code as the starship binary that directly controls the shell prompt, so fetched remote content is executed and controls prompts at runtime.