skill-neovim-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's subagent (Stage 5: Invoke Subagent) is explicitly instructed to "Search web for plugin documentation", which requires fetching and interpreting content from public third-party websites (untrusted/plugin docs) and thus exposes the agent to untrusted, potentially user-generated content that could enable indirect prompt injection.