run-github-repo-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests public, untrusted third‑party content—via gh CLI searches of public GitHub repos (including README/description filters) and supplementary web searches (site:github.com, Reddit, Hacker News, arbitrary web search results) as required in the SKILL.md workflow—whose README/descriptions/community posts are parsed and used to drive search hypotheses, selection, and subsequent actions, so malicious or user-generated content could indirectly influence the agent's decisions.