dash-docset-search
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md step 5 and the related scripts dash_catalog_match.py and dash_catalog_refresh.py) explicitly relies on catalog snapshots such as references/catalog_user_contrib_docsets.json and references/catalog_built_in_docsets.json, which contain public GitHub/raw.githubusercontent.com URLs. This is public, user-contributed content that the agent is expected to read and use to recommend docsets and next actions, so it can materially influence the agent's behavior.