add-policy
Warn
Audited by Snyk on Apr 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The SKILL.md's Step 4 and the "Policy for extension-provided settings" section explicitly state that the export command fetches the distro's product.json at the pinned commit via the GitHub API (and reads extensionConfigurationPolicy from vscode-distro), so the skill reads external public GitHub content, which can materially change the exported policy data and downstream behavior.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata