github-profile-architect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Implement Automation (The 'Living Profile')" instructions in SKILL.md and the workflow example in references/profile-components.md explicitly call for ingesting public RSS/YouTube feeds and third-party endpoints (e.g., blog-post-workflow with feed_list, github-readme-stats, WakaTime, hits.seeyoufarm) to auto-populate and drive README/workflow updates, meaning the agent will fetch and act on untrusted user-generated web content that could influence subsequent actions.