zephyr

Warn

Audited by Snyk on Mar 4, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly fetches public third‑party code and releases (e.g., "west update — fetches Zephyr + all modules" in SKILL.md, the references/west-manifest.md examples, and the "Download from: https://github.com/zephyrproject-rtos/sdk-ng/releases" URL), meaning the agent will ingest untrusted GitHub/manifest content that can affect builds and follow-up actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 11:29 AM