build-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's config files (vault/configs/*.json) include _source fields pointing to GitHub repos/URL sources and the workflow/subagents explicitly "download docs from source" using git/curl, so the agent will fetch and parse untrusted public user-generated content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly downloads documentation at runtime from the configured GitHub source (https://github.com/prisma/docs) and "filters with AI" to generate SKILL.md, so external content fetched during execution can directly determine agent prompts/instructions.