skills-optimizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to download and read external Skills repositories (e.g., "npx skills" to download target repositories and to read their SKILL.md and scripts/ files), which are untrusted third-party sources whose contents the agent must interpret and that can influence tool use and decisions.