Shipyard CLI

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly documents loading remote, user-provided resources (e.g., init --remote and templates with source set to HTTPS/GitHub raw URLs in references/configuration.md), so Shipyard/agents will fetch and render arbitrary third‑party content (untrusted/user-generated) as part of normal workflows.