read-repo-references

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly supports "link" and "hybrid" references whose REF.md contains external URLs and instructs the agent to "Use WebFetch or browse the URL" (i.e., fetch and read arbitrary public web resources listed in .references//REF.md), exposing it to untrusted third-party content.