claude-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill documentation explicitly enables fetching external web content (WebFetch/WebSearch listed under "Tool Names") and includes an example that pulls third‑party, user-generated data ("Linear Standup" using mcp__linear__get_issues to fetch Linear issues), so the agent would read and interpret untrusted external content.