agent-reference

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to fetch and analyze public GitHub data via the gh CLI (see "Data Sources" #6 in SKILL.md and references/github-analysis-guide.md), which is untrusted, user-generated third‑party content and is read and used to drive project selection, analysis, and report generation — so external content can materially influence the agent's decisions.