github-star-tracker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill programmatically fetches user-generated content from the public GitHub API (e.g., get_starred_repos, get_readme, get_latest_release in scripts/star_tracker.py and the API endpoints listed in references/api-guide.md) and feeds README/release/commit text into AI summarization and decision logic (summarize_with_ai, assess_value, cleanup/export flows), so untrusted third-party content can directly influence tool actions and next steps.