repomix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and packages remote, public repositories (e.g., SKILL.md "Remote Repository Support" and examples like "npx repomix --remote https://github.com/owner/repo" and scripts/repos.example.json), and the repomix_batch.py implementation builds and runs repomix with --remote on arbitrary owner/repo or URL inputs, meaning the agent will ingest untrusted, user-generated third‑party code for processing.