ghostty-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill ingests and exposes documentation crawled from public web sources (source: https://ghostty.org/ in docs/000-index.md and fetched_at metadata) and explicitly references/loads user-maintained third‑party content (e.g., iterm2-colorschemes themes, community GitHub package repos and curl-based install scripts in docs/005 and docs/009), which the agent is intended to read/consume as part of its workflow—so it can be fed untrusted, user-generated content that could contain indirect prompt-injection vectors.