analyze-gitops-repo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md Phase 1 and the eval prompts) explicitly instructs cloning and scanning arbitrary public Git repositories (e.g., GitHub URLs) and the bundled scripts (scripts/validate.sh and scripts/check-deprecated.sh) fetch OpenAPI schemas from GitHub and run validation/migration against those repo files, meaning untrusted third‑party content is fetched and parsed and can influence analysis and subsequent actions.