skill-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's reference.md documents the !command`` dynamic context injection (Dynamic Context Injection section) which explicitly allows running commands that fetch live API responses or other external data and injects that output into the prompt, meaning untrusted third‑party content can be read and directly influence the agent's actions.