build-vs-clone

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly requires web/ecosystem searches and reading external repos (see "Tier 5: General Ecosystem search", "prospect mode Phase 1: Clone it (shallow) if remote", and the Step 5 git clone example), meaning the agent will fetch and interpret arbitrary public third‑party repositories and webpages that can materially influence its adopt/borrow/build decisions.