random-contributor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly calls for listing contributors via the public GitHub REST API and, if needed, falling back to scraping the repository's contributors page (public, user-generated content) and uses that data to pick a contributor, so untrusted third-party content is fetched and directly influences the agent's selection workflow.