claude-code-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Discover Community Resources" workflow and scripts/github-discovery.sh explicitly search/fetch GitHub public repositories (untrusted, user-generated content) and return results that the agent is expected to read and use to recommend or adopt community skills, which can materially influence subsequent decisions and tool use.