sync-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests content from public GitHub repositories (git clone in sync_github_repo) and skillsmp.com pages (curl in sync_skillsmp_page) and then installs that untrusted user-generated content into local AI tool skill directories, so third-party content is directly read and used to drive sync actions.