visualize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md "Update Check" step instructs the agent to fetch https://raw.githubusercontent.com/abpai/skills/main/versions.json on first use and use that public GitHub-hosted JSON to decide whether to prompt the user to run an update (and potentially execute an update command), which clearly ingests untrusted third-party content that can influence subsequent actions.