license-compliance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests public, user-authored content (e.g., cloning GitHub repos via license_check.clone_and_install and org_scanner.py, and querying public APIs like GitHub API in scripts/github_api.py, npm registry in scripts/ecosystems/js.py, PyPI in scripts/ecosystems/python.py, crates.io, Maven Central, pub.dev, NuGet, etc.), and those external license/commit/registry responses are parsed and used to classify violations and drive decisions/reporting—so untrusted third‑party content can materially influence behavior.