multi-repository-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill routinely pulls and reads code and metadata from remote repositories defined in the workspace (e.g., claude-multi-branch.sh uses git pull, multi-grep.sh and find-file.sh search repo contents, analyze-dependencies.sh reads package.json, and workspace.yaml contains GitHub URLs), so it ingests untrusted, user-generated third‑party content as part of its workflow.