obsidian-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's bundled reference "references/agent-dos-donts.md" explicitly instructs the agent to clone external repos into the .ref folder (e.g., .ref/obsidian-dev/plugins/) and to check files like .ref/obsidian-api/obsidian.d.ts, which requires fetching and reading untrusted public repository content that can influence subsequent actions.