cli-power-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and reference files (SKILL.md and references/nushell-structured-data.md / references/modern-unix-toolbox.md) explicitly show running HTTP commands against public APIs (e.g., "http get https://api.github.com/repos/...", "xh POST api.example.com/...") and pipelines that fetch and parse external JSON/URLs, meaning the agent is instructed to fetch, read, and act on untrusted public web content.