apple-dash-docsets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime workflow (SKILL.md) and scripts reference and use public catalogs and install sources — e.g., references/catalog_user_contrib_docsets.json and references/catalog_cheatsheets.json (GitHub URLs and raw feeds) and URL-install/search fallbacks — meaning the agent will fetch and act on untrusted, user-contributed web content as part of search/install decisions.