lineageos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs fetching and syncing source code from public Git repositories (e.g., repo init with https://github.com/LineageOS/android.git and repo sync) and pulling/cherry-picking changes from the public Gerrit instance (https://review.lineageos.org), which are untrusted, user-generated third-party sources the agent would retrieve and interpret as part of its workflow.