render-deploy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires analyzing and ingesting a Git repository pushed to GitHub/GitLab/Bitbucket (see "Analyze Codebase" and the Git Repo Path / MCP create_web_service steps), which means the agent or MCP tooling will fetch and read arbitrary user-provided public Git repos (untrusted third‑party content) as part of its workflow.