rebase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and ingests content from a remote repository (e.g., "git fetch ") and then reads commit logs and file contents via commands like git log, git show, and "read each conflicted file" (Steps 1 and 5), and it uses that content to make conflict-resolution decisions, so untrusted/user-generated repo content could indirectly inject instructions that influence agent actions.