wiki-onboarding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly asks for a source repository URL (Source Repository Resolution: "Ask the user: 'Is this a local-only repository, or do you have a source repository URL (e.g., GitHub, Azure DevOps)?'") and requires grounding claims in actual code with linked citations (REPO_URL/blob/BRANCH/...), so it will ingest and interpret user-provided/public repository content (untrusted, user-generated) as part of its workflow.