pgpm-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly includes fetching and installing external templates and packages (e.g., "pgpm init --repo https://github.com/org/templates.git --template my-template" in Workspace Initialization and "pgpm install @pgpm/faker" / "pgpm upgrade-modules" in Module Management), which causes the agent/CLI to ingest untrusted public GitHub/npm content that can materially influence runtime behavior.