git-merge
Warn
Audited by Snyk on Mar 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's required workflow explicitly runs "git fetch origin" and "git merge origin/{FROM_BRANCH}" (SKILL.md Step 1/Step 2). This causes the agent to pull and read code and files from a remote/untrusted repository (user-generated third-party content). The agent is expected to inspect that content and use it to decide merge/conflict resolution, which enables indirect prompt injection.