jj-merge-repos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs adding and fetching remotes from arbitrary URLs/paths (e.g., "jj git remote add ... " and "jj git fetch"), causing the agent to ingest commit histories and repository content from external, potentially untrusted third-party sources which can materially affect rebase/conflict-resolution actions.