using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill auto-detects and runs project setup commands (e.g., "npm install", "pip install", "cargo build", "go mod download") which fetch dependencies from public package registries (npm/PyPI/crates.io, etc.), thereby ingesting untrusted third-party code/artifacts as part of its workflow.