marketing-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to analyze a codebase and, if none is provided, to fetch a GitHub repository via "github:get_file_contents" and to scan README.md, package.json, and source files — all public, user-generated content the agent will read and act on to shape its outputs.