skill-editor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 1 explicitly requires running a web-search using the "webfetch" tool to fetch and inspect existing skills and community-maintained lists (for example, https://github.com/anthropics/skills and other online templates), which means the agent will ingest open/public third-party content that may be untrusted or user-generated.