skill-evaluation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Step 2.5 explicitly requires adding a "skills.sh" platform trust overlay and using public signals (install counts, GitHub stars, raw GitHub/skills.sh audit info referenced in the docs) — meaning the agent must fetch and interpret untrusted, user-generated content from public sites (skills.sh, GitHub/raw.githubusercontent) which directly affects the trust modifier and final recommendation.