create-hook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly includes WebFetch/WebSearch tooling and instructs fetching external docs (e.g., "PreToolUse" WebFetch fields and "Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt" in SKILL.md), so the agent will fetch and interpret open web content that could contain untrusted, user-generated instructions that affect hook decisions.