ecosystem-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill instructs the agent/tooling to fetch and consume user-provided/open-source repositories and GitHub PR data (e.g., "imi clone {repo-url}", use of "gh pr view" and the "github-mcp" mapping), so the agent will read and interpret untrusted, user-generated third‑party content.