agently-prompt-config-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's loaders explicitly read prompt content from files or raw text and even list "prompt text fetched from a remote config service" as an intended use (references/loading-mappings-and-key-paths.md), and that loaded prompt config (including .alias) is executed into agent/request prompt state so untrusted, public config could materially change agent behavior.