writing-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly permits installing packages from npm/PyPI and pulling from GitHub repositories (see "Package dependencies" and "Runtime environment" sections), which allows the agent to fetch and read arbitrary third‑party, user‑generated code/content during execution and could enable indirect prompt injection.