using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required "Run Project Setup" step (Creation Steps) auto-runs package manager commands like npm install, pip install, cargo build, go mod download, and poetry install which fetch and may execute untrusted third‑party packages from public registries that can materially influence subsequent actions.