sync-fork

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and inspects remote Git repositories (see SKILL.md Phase 1: "Fetch both remotes", "git remote -v", and the helper script usage) and the helper script (scripts/sync_fork.py — functions like classify_branches and compute_divergence call git log/branch/range checks) reads commit messages and branch metadata from those remotes, so arbitrary third-party repo content (commit messages, branch names, etc.) is consumed and can materially affect decisions and actions.