deploy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflows (see SKILL.md "Default Flow", "Docker / Compose Deploy", and references/troubleshooting.md) explicitly instruct the agent to run curl against MODE_HEALTH_URL, gh commands, npm/pip queries, and SSH/docker log commands that fetch public/remote health endpoints, GitHub Actions logs, package registry metadata, and remote service output which the agent must read and use to decide next actions, exposing it to untrusted third-party content.