git-sync-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill runs commands like "git fetch origin" and "git log HEAD..origin/main" and then reads remote commit messages and changed file lists from the origin/GitHub repository into its reports, which are untrusted, user-generated content that the agent interprets.