skill-creator-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs agents to use web-fetching (allowedTools include "WebFetch" in the TypeScript/Python examples) and even tells creators to "follow semantic GraphViz best practices from https://blog.fsck.com/2025/09/29/using-graphviz-for-claudemd/" (Step 4), meaning the spawned agents are expected to fetch and interpret public third‑party content that could influence their actions.