shopify_theme_builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly clones a public GitHub repo as a base theme (Phase 3: "clone https://github.com/jaredjester/hydroshell-swimbuds.git") and downloads arbitrary remote asset URLs into the theme assets (Phase 4: "download remote URLs"), both of which ingest untrusted third‑party content that the agent will read and incorporate into its build workflow and could therefore influence subsequent actions.