creating-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports dynamic context injection and includes examples that run shell/CLI commands which load external, user-generated content into the agent (e.g., the !gh issue view $1 --json title,body,labelsand other!`command`` directives), so the agent can ingest untrusted third‑party content (GitHub issues or arbitrary command/URL outputs) as part of its workflow.