dotfile-systems-architect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow instructs fetching and executing remote content (e.g., the Chezmoi one-liner sh -c "$(curl -fsLS get.chezmoi.io)" in references/chezmoi-integration.md and cloning public dotfiles via git clone git@github.com:username/dotfiles.git in the Migration Guide), which pulls untrusted third‑party/public content that can contain instructions that materially change execution and tool behavior.