configure-coverage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow explicitly tells the agent to "Use WebSearch or WebFetch to verify latest versions of coverage tools" (Step 1), which instructs fetching and interpreting open web content that could influence which packages/commands the agent installs or runs, exposing it to untrusted third-party content.