migrate-from-e2b

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows cloning and running arbitrary public repositories (e.g., "git clone https://github.com/user/repo.git /app" in the "Git integration" examples and the template mapping that maps gitClone(url) → RUN git clone url), which causes the agent/sandbox to fetch and execute untrusted, user-generated web content that can change subsequent tool use and behavior.