find-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly falls back to and installs from external, public sources (skillhub and GitHub) — see SKILL.md's "skillhub — External Search (Fallback Only)" and the install-github / skillhub install commands and scripts/search.py — and then loads those skills via read_skills, so untrusted, user-provided skill content is fetched and can directly change the agent's behavior.