skill-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md synthesis workflow (see references/synthesis-path.md and Step 2 of SKILL.md) explicitly instructs the agent to collect and ingest external public documentation (e.g., https://agentskills.io/specification and "relevant upstream implementations"/"domain/library documentation") and to use those sources to drive synthesis decisions and depth gates, so untrusted third‑party content is read and can influence the agent's actions.