skill-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow explicitly instructs the agent to "Research on The Internet" (Step 2) and to "Activate /docs-seeker", use WebFetch/Explore subagents for arbitrary URLs and to add plugin marketplaces or install plugins from GitHub/git URLs (plugin marketplace hosting/sources sections), which causes the agent to fetch and interpret untrusted public web and repo content that can influence subsequent tool use and actions.