skill-installer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches and ingests content from GitHub (e.g., scripts/list-curated-skills.py uses the GitHub API and scripts/install-skill-from-github.py downloads repos via codeload.github.com and git), so it will read and install arbitrary public/private repository files (user-generated third‑party content) as part of its workflow.