mechanic-task-writer

Warn

Audited by Snyk on Mar 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The SKILL.md Task Writing Workflow explicitly instructs the agent to "Search existing tasks FIRST" and to browse the public Task Library at https://tasks.mechanic.dev (and to use MCP endpoints like mcp__mechanic-mcp__search_tasks / mcp__mechanic-mcp__get_task), which requires fetching and reading untrusted, user-contributed public content that can directly influence task-writing decisions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 3, 2026, 03:02 AM