sandi-metz-reviewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and parses user-supplied code as part of its workflow ("Quick Start" step 1: Parse the code) — i.e., it will read and interpret untrusted, user-generated content provided at runtime, which could carry indirect prompt-injection payloads.