sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly performs git operations that fetch content from remote repositories (e.g., "git pull origin main", "git fetch upstream", and adding an upstream with ), which retrieves untrusted, user-generated repository content (commits, files, messages, READMEs) that the agent may read or use when reporting results or resolving conflicts.