stata-c-plugins

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's translation and build workflow explicitly instructs the agent to fetch and read public repository content (e.g., "repurpose the original package's test suite", "find the original's test files", and net install from "https://raw.githubusercontent.com/...") and to check/clone source packages on GitHub/CRAN (references/translation_workflow.md and SKILL.md), which are untrusted, user-generated third‑party sources that the agent is expected to read and use to decide architecture and implementation.