000-jeremy-content-consistency-validator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md prerequisites and references/how-it-works.md explicitly require fetching and extracting content from public websites ("Identify Website Sources" — any HTML-based website) and GitHub repositories using WebFetch, and that extracted untrusted, user-generated web content is analyzed and used to generate reports and prioritized actions, which could materially influence agent behavior and enable indirect prompt injection.