init-project-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly invokes third-party APIs and content (e.g., the glab api "projects/$(git remote ...)/members/all" or GitHub/gh lookups from the git remote and fetching Linear project/issues via the Linear MCP or .linear-project/CLAUDE.md references), and it reads and interprets those user-generated remote results to populate README/CHANGELOG and team/issue tables—so untrusted external content can materially influence the agent's outputs and actions.