nix-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs adding public GitHub flakes as inputs and using pkgs.fetchurl to pull binaries from external URLs (see "Flake Structure" and "Creating Binary Overlay Repos" sections), which ingests untrusted third‑party content (public repos/URLs) that can change overlays/packages and therefore materially influence behavior.