create-gitlab-mr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md step 1 explicitly instructs the agent to fetch and strictly follow the guidelines from a public raw GitHub URL (https://raw.githubusercontent.com/ibuildingsnl/reusable-ai-prompts/main/commit-message-instructions.md), meaning the agent will ingest and act on untrusted third-party content when composing commit messages, which could enable indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs at runtime to fetch and "strictly follow" the raw GitHub markdown at https://raw.githubusercontent.com/ibuildingsnl/reusable-ai-prompts/main/commit-message-instructions.md, so that external content directly controls the agent's commit-message formatting behavior and is a required dependency.