moldable

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly provides agent tools to add/sync skill repositories from public sources (e.g., addSkillRepo with GitHub-style URLs and syncSkills that "Downloads selected skills to ~/.moldable/shared/skills/") and those instruction-based SKILL.md files are read/interpreted by the agent, exposing it to untrusted, user-provided repository content (third-party skills) that could carry indirect prompt injection.