ln-522-manual-tester

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch missing shared files via WebFetch from the public URL pattern https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path} and marks multiple "MANDATORY READ" reference files (templates, puppeteer patterns, test result formats) which the agent is expected to parse and act on to generate/run tests, so untrusted public GitHub content can materially influence tool use and decisions.