ty
Warn
Audited by Snyk on Mar 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill includes scripts/sync_ty_releases.py, which queries the public GitHub Releases API (https://api.github.com/repos/astral-sh/ty/releases) and parses and ingests release-note text, which is untrusted, third-party (user-generated) content. The skill/documentation explicitly says the AI will read and use this text at runtime to determine feature availability and update SKILL.md, so the skill clearly meets the criteria for indirect prompt-injection exposure.
Issues (1)
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).