base
Warn
Audited by Snyk on Mar 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's required runtime script scripts/setup.ts spawns third-party tooling (e.g., running "turbo link") and reads/interprets its stderr (checking for "User not found" and "IO error") to decide follow-up actions like running "turbo login" or retrying, which clearly consumes untrusted external service output that can influence tool use and control flow.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata