skill-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's synthesis workflow (see references/synthesis-path.md and SKILL.md Step 2) explicitly requires collecting and ingesting external/public sources and SOURCES.md records retrieved URLs (e.g., https://github.com/anthropics/skills/... and https://agentskills.io/specification), so the agent will read untrusted third‑party web content that can influence decisions and tool behavior.