github-research-assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly requires fetching and reading public GitHub repository content (Step 1: get repo info and Step 2: "Read Key Files" like README.md, package.json, main source files), which are untrusted, user-generated third‑party sources that the agent will interpret and use to drive its analysis and outputs.