skill-nix-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Stage 5 "Invoke Subagent" step explicitly instructs the spawned nix-research-agent to "Search web for NixOS/Home Manager documentation" and "Query MCP-NixOS" (public web/docs), and those external findings are read, analyzed, and synthesized into reports/metadata that directly influence subsequent actions (artifact linking, status updates, commits), so untrusted third-party content can materially affect agent behavior.