xrepo-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly shows xrepo fetching and installing packages and upstream source from public repos (e.g., "Packages come from the official xmake-repo https://github.com/xmake-io/xmake-repo", add-repo with GitHub URLs, and "xrepo download ... fetches and extracts the upstream source") and instructs using xrepo info/fetch outputs to choose install/config options, so untrusted third‑party package/repo content is retrieved and can influence subsequent tool behavior.