dr-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports installing collections from arbitrary Git URLs (e.g., "dr -col add " / "Collections | Git repos" and examples like "dr -col add https://github.com/team/scripts.git") and can load helpers from those collections (e.g., loadHelpers @my-collection), which means the agent will fetch and read/execute untrusted, user-controlled public repo content.