halo-theme-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to "fetch the relevant online doc" from the References (e.g., raw.githubusercontent.com GitHub raw URLs listed throughout the References section), which means the agent is expected to retrieve and act on public, third‑party (user‑authored) content that can influence code-generation and subsequent actions.