agent-sync-coordinator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and reads content from GitHub (e.g., Bash "gh api repos/:owner/:repo$contents$ruv-swarm$docs/CLAUDE.md" and use of mcp__github__get_file_contents / mcp__github__search_repositories) and treats those files as a source-of-truth for synchronization, updates, and orchestration, so untrusted public repository content can materially influence agent actions.