cs-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes runtime workflows that fetch and parse open public content (e.g., DBLP API calls in dblp-api/SKILL.md like GET https://dblp.org/search/publ/api and the Software Heritage API examples in software-heritage-api/SKILL.md that retrieve repository files), so the agent would ingest untrusted, user-published web content which could influence subsequent actions.