git-repository

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes commands that fetch and incorporate public repositories and templates (e.g., git clone , git submodule add https://github.com/org/shared-lib.git, cookiecutter https://github.com/org/project-template.git and other examples), meaning it expects the agent to retrieve and act on untrusted, user-generated content from public third-party sources.