codeql
Warn
Audited by Snyk on Apr 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and incorporates third-party CodeQL packs (e.g., via "codeql pack download" and by adding community/trailofbits packs into generated .qls suites), then runs and filters those queries as part of the run-analysis workflow (see references/ruleset-catalog.md, references/run-all-suite.md and workflows/run-analysis.md). As a result, untrusted community query content is fetched and executed and can materially influence the analysis and any subsequent actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata