slash-command-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill includes explicit examples and frontmatter that allow fetching external web content—e.g., EXAMPLES.md's /review-pr runs gh pr view and gh pr diff against GitHub PRs (user-generated content) and FRONTMATTER.md exposes WebFetch/WebSearch—so the agent will ingest and interpret untrusted third‑party content as part of its workflow.