sheet-git

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and consumes hosted review and remote repository content (e.g., sheet-git clone, sheet-git remote add review, sheet-git proposal comments as described in SKILL.md and references/hosted-review.md), which are untrusted, user-generated third‑party inputs that the agent is instructed to read and that can change push/merge/sync decisions.