pda-multicurve

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly tells users to "Use Doppler deployments (https://github.com/whetstoneresearch/doppler/tree/main/deployments) as the contract source of truth" and its workflow and reference files include raw.githubusercontent.com links (e.g., in references/FLOW.md) indicating the agent is expected to fetch and interpret public GitHub/raw content which can materially influence initialization, migration, and exit decisions.