vet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs running "vet --update-models" to "fetch the latest community model definitions from the remote registry" (Updating the Model Registry section), which pulls untrusted community-sourced model definitions that vet will read/use and can materially change model selection/behavior.