cli-mastery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required reference files (read on demand per SKILL.md), notably references/module-7-advanced.md and references/module-6-mcp.md, explicitly instruct use of /research (using GitHub search and web sources) and MCP/browser servers (e.g., server-puppeteer), so the agent is expected to fetch and interpret untrusted public web/user-generated content as part of its workflow.