jujutsu-colocated

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill instructs the agent to fetch and inspect remote repository data (e.g., "jj git fetch --remote origin", "jj bookmark list", and "jj log -r 'remote_bookmarks(remote=origin)..@'"), which ingests and interprets content from potentially arbitrary/untrusted remote (third‑party) repositories.