git-worktree

Warn

Audited by Snyk on Mar 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's script explicitly runs "git pull origin " and then copies .env files from the repository into new worktrees (see scripts/worktree-manager.sh and SKILL.md "Copies all .env files from main repo"), which means it fetches and ingests potentially untrusted, user-generated repository content from a remote origin that can materially alter runtime behavior.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 22, 2026, 05:14 AM
Issues: 1