ArgoCdCommand

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill exposes the agent to untrusted, user-controlled repository and chart sources (e.g., commands like "argocd repo add https://github.com/org/repo.git", public Helm repos such as https://grafana.github.io/helm-charts, and ApplicationSet Git generators) and explicitly uses commands that fetch and display their contents (e.g., "argocd app get", "argocd app manifests", "argocd appset generate"), so the agent will read/interpret arbitrary third‑party content at runtime.