gradle-build-performance

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs generating and analyzing Gradle Build Scans (e.g., "./gradlew assembleDebug --scan" and "Verify in Build Scan → Performance → Build timeline") which requires the agent to read/interpret user-generated build-scan pages on scans.gradle.com (public third-party content) and base optimization decisions on them.