using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill auto-runs package manager/setup commands (e.g., npm install, pip install -r requirements.txt, cargo build, go mod download) which fetch and may execute untrusted, user-contributed packages from public registries, exposing the agent to third-party content.