sync-template

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill requires cloning and reading a public GitHub repository (opensrc/repos/github.com/blogic-cz/blogic-template-ts via "bun run opensrc:use") and explicitly runs gh-tool/gh commands to read release notes, commits, and PRs which the agent must interpret to decide sync actions, exposing it to untrusted third‑party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill mandates cloning the remote git repo blogic-cz/blogic-template-ts (via "bun run opensrc:use" -> opensrc/repos/github.com/blogic-cz/blogic-template-ts/) at runtime and then uses those fetched template files as the template source/context in delegation prompts and plan generation, meaning external content directly controls agent instructions.