network-security-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly whitelists public, user-generated sources such as raw.githubusercontent.com and public package registries (e.g., registry.npmjs.org, *.npmjs.org) and describes workflows (git clone, npm install) where the sandbox/agent would fetch and run third-party code, so the agent would read/interpret untrusted external content that could contain indirect prompt injections.