gitlab-ci-validator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly says the skill will "Fetch additional documentation" using Context7, WebSearch, and WebFetch (including docs.gitlab.com and remote/include/component URLs) and will read remote includes/components as part of validation, so it ingests untrusted public web/user-generated content that can influence validation decisions.