godot-task

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's bootstrap step (tools/ensure_doc_api.sh) clones the public Godot GitHub repo to populate doc_api/ and the workflow explicitly instructs the agent to read doc_api/{ClassName}.md for API lookups and error recovery, so it ingests open/public third‑party (GitHub) content that can materially influence code-generation and tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's bootstrap script tools/ensure_doc_api.sh runs git clone https://github.com/godotengine/godot.git at runtime (when doc_api is missing) and the resulting documentation is processed and consumed by the skill (doc_api/*.md) as required context used to drive code-generation decisions, so external content directly influences prompts and is a runtime dependency.