github-search-before-code

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and scripts explicitly search public GitHub (scripts/github_search.py) and instruct the agent to "Read: WebFetch README" and analyze repository READMEs/code from public GitHub repos, which are untrusted, user-generated third‑party content that the agent reads and uses to drive coding decisions.