xcode-build-fixer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md SPM Restructuring section explicitly instructs the operator/agent to run network commands like git ls-remote --tags <url> and xcodebuild -resolvePackageDependencies against upstream package URLs, meaning the agent would fetch and interpret remote (third‑party) repository metadata and use that to decide whether to pin or proceed—exposing it to untrusted external content that can influence actions.