Using Git Worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Run Project Setup" and "Creation Steps" explicitly run package manager commands (e.g., npm install, pip install -r requirements.txt, poetry install, cargo build, go mod download) and then run project tests, which fetch and execute code from public package registries and use their outputs to decide next steps, exposing the agent to untrusted third-party content that could indirectly inject instructions.