env-and-assets-bootstrap

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's prepare_assets step (scripts/prepare_assets.py, collect_text_hints) explicitly reads README.md and repository config files and extracts arbitrary URLs and path hints from those user-authored, potentially public/untrusted sources, and those extracted hints are returned as source hints that can materially influence asset/download decisions.