mise

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill documentation explicitly describes fetching and executing public, user-provided content (see references/tasks.md "Remote Tasks" with file = "https://example.com/build.sh" and git::https://github.com/..., plus custom plugin URLs and remote backends in references/configuration.md and references/advanced.md), so untrusted third-party scripts/URLs can be ingested and influence tool behavior.