deneb-visuals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Fetching Docs" workflow explicitly directs the agent to retrieve and use public web content (via microsoft_docs_search/microsoft_docs_fetch, mslearn search/fetch, and WebFetch for vega.github.io) and references/community-examples.md documents fetching templates from raw.githubusercontent.com and GitHub repos, which are untrusted user-generated sources the agent is expected to read and act on when building/injecting specs.