python-async-ops

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's core examples and runtime template explicitly fetch and consume arbitrary open-web URLs: fetch("https://example.com") in the Core Concepts section of SKILL.md, the session.get(url) patterns in references/aiohttp-patterns.md, and the aiohttp-based fetch/fetch_many in assets/async-project-template.py. Untrusted public content (JSON or text) is therefore ingested at runtime and can be used to influence program flow and decisions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 10:05 PM