git-onboarding-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's required workflow (Step 6) explicitly runs git clone and subsequent git/gh commands against that repository (e.g., git ls-remote, git remote get-url), which downloads and interprets arbitrary public/user-provided GitHub repositories (untrusted third-party content) that can change the agent's next actions.