epic-caching

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow examples in SKILL.md show fetching and ingesting open/public third-party content (e.g., getGitHubEvents fetching https://api.github.com/users/${username}/events/public and getEvents fetching https://api.example.com/events, plus a fetchWithDedup that accepts arbitrary URLs), which are untrusted/user-generated sources that the agent is expected to read and whose data can influence subsequent behavior.