using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Post-Creation Setup explicitly runs package install/build commands (e.g., "npm install", "cargo build", "pip install -r requirements.txt", "go mod download") which will fetch and execute untrusted, third‑party packages from public registries (and the "git fetch origin" step further pulls remote commits), exposing the agent to user-generated external content that can influence tooling and behavior.