copilot-cli-quickstart

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly references installing and using arbitrary third‑party skills and MCP servers (e.g., "/skills add owner/repo" to install a skill from GitHub and /mcp to connect external servers), which causes the agent to fetch and read user-generated content from public GitHub repos or external services as part of its workflow.