golangci-lint-strict

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow and installer script explicitly fetch an exact config from the public upstream raw URL (https://raw.githubusercontent.com/powerman/golangci-lint-strict///.golangci.yml as shown in SKILL.md and assets/install-strict-config.sh), causing the agent to ingest and act on untrusted public repository content that can materially change tooling behavior.