open-source-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's full guide explicitly instructs scanning and ingesting external, user-generated repositories (for example "trufflehog git https://github.com/org/repo.git" in references/full-guide.md and CI steps using actions/checkout) which the agent would read/interpret and whose findings drive actions like credential rotation and history rewriting, exposing it to untrusted third-party content that could carry indirect prompt-injection payloads.