xmake-env-vars

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly states that XMAKE_RCFILES loads user-specified rc files before any xmake.lua (see "User-wide defaults: XMAKE_RCFILES") and shows adding external repos (e.g., "https://github.com/mycompany/xmake-repo.git"), meaning the agent can ingest user/third-party code and repository content that can alter toolchains, rules, and subsequent behavior.