Prompting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs using the Fabric CLI/update script to pull upstream patterns and to extract YouTube transcripts (e.g., "fabric -U" and fabric -y "https://youtube.com/..." and the update-patterns.sh call in the Prompting SKILL.md), which means the agent can ingest arbitrary public/user-generated web content and upstream template updates that may materially change prompts or tool behavior.