mthds-publish

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts GitHub addresses (Step 1: "GitHub (short)" / full URL) and instructs running the CLI to publish from those repos (Step 2: mthds-agent publish <org/repo>), which means it fetches and processes arbitrary public GitHub content (untrusted, user-generated) that can materially influence publish decisions and subsequent actions.