takt-skill-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes explicit instructions that make the agent fetch and interpret user-generated third-party content—e.g., references/takt/builtins/ja/facets/instructions/gather-review.md directs the agent to run "gh pr view / gh pr diff / gh issue view" to retrieve PR/issue text and diffs from GitHub (untrusted, user-generated content) and to extract requirements and diffs that drive its subsequent decisions.