skillforge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The README and SKILL.md explicitly state Phase 0 "analyzes any input—prompts, errors, code, URLs" (README.md / SKILL.md), which indicates the agent will fetch and interpret arbitrary public URLs and use that untrusted third‑party content to drive routing, creation, and tool-use decisions.