dotstate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — SKILL.md explicitly mentions "GitHub sync" and requires configuring a remote git repository via the TUI and running commands like "dotstate sync" (commit, pull, push) and "dotstate activate" to fetch and apply files from that repository, so the tool ingests untrusted user-generated repo content (e.g., public GitHub) that can materially influence actions.