TBC Schema Updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs cloning and pulling the public GitLab repo (https://gitlab.com/to-be-continuous/kicker.git) and reads /tmp/kicker/src/assets/kicker-aggregated.json as the extraction input, which is untrusted, user-maintained third-party content that the scripts parse and use to generate schemas that materially affect validation and subsequent actions.