lev-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation and workflows explicitly instruct scraping and ingesting public websites and GitHub repositories (see references/advanced-workflows.md "skill-seekers scrape" with base_url and GitHub scraping examples) and the setup script which clones/installs Skill_Seekers from a remote repo, so the agent will fetch and process untrusted, user-generated third‑party content as part of its workflow.