cli-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires the agent to fetch and inspect external API docs/OpenAPI JSON, articles, browser-app curl traces and other public docs as the primary "source" for designing the CLI (see "Start" and "Build Workflow" — "Source: API docs, OpenAPI JSON..."; "If the docs expose OpenAPI, download or inspect it"), so untrusted third‑party content would be read and used to drive command design and actions.