ln-732-cicd-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch missing shared files via WebFetch from raw.githubusercontent.com (https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}), meaning the agent ingests public, potentially untrusted third-party template content that is parsed and used to generate CI workflows and thus can materially influence subsequent actions.