janitor-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly states the tool searches and ingests public GitHub repository content (matching keyword in name/description/README and topic tags) to analyze and score/compare skills, so untrusted user-generated GitHub content can directly influence its analysis and decisions.