skill-test

Warn

Audited by Snyk on Mar 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly performs a remote search against skills.sh via the "find-skills" step and reads third-party skill documentation (see "Remote search: Queries skills.sh via find-skills" and "Read the skill's documentation" in Handling Special Cases), so untrusted, user-contributed content from the public skills catalog can influence which skills are selected, installed, and invoked.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 01:21 PM