skill-hunter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly searches and retrieves public SKILL.md files from GitHub using the GitHub Search and Contents APIs (see "Discovery Phase" and "Extraction Phase" in SKILL.md), then parses and analyzes those raw, user-authored files—untrusted third-party content that the agent reads and uses to drive recommendations and analysis—so it can be influenced by embedded instructions in those files.