git-student-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports analyzing a public GitHub URL (SKILL.md "Cas A — URL GitHub fournie"/README examples) and the scripts (scripts/extract_commits.sh and scripts/analyze.py) ingest and interpret commit messages/diffs from those repos (user-generated, untrusted content) which directly drive scoring, alerts, reports and even optional LLM diff analysis (references/llm-diff-analysis.md), so third‑party content can materially influence the agent's outputs and actions.