createos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly integrates with GitHub (see "Deploy from GitHub (Auto-deploy)" in SKILL.md and the listed MCP tools like GetGithubRepositoryContent / ListGithubRepositories in references/core-skills.md), which causes the agent to fetch and interpret user-owned/public repository content (untrusted third-party data) as part of the deployment workflow and can materially influence deployment/configuration actions.