related-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill discovers and installs skills from the public inference.sh skill registry (e.g., inference.sh/explore and npx skills search/list against inference-sh/skills), which exposes the agent to open, potentially user-generated skill descriptions and READMEs that it would read/interpret.