balatro-mod-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly spawns research sub-agents that read and grep installed third‑party mods (e.g., mod-pattern-researcher with a search boundary of ~/Library/Application Support/Balatro/Mods/ as shown in SKILL.md and references/sub-agents.md), and those untrusted, user-authored files are ingested and used to drive research, planning, and code-writing, so their content could materially influence the agent's actions.