code-manage-nix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required Process steps (SKILL.md and SUBAGENT.md step 1) instruct the agent to use "WebSearch" or "nix-locate" / spawn code-researcher to find package attribute paths in public nixpkgs and on the web, which requires fetching and interpreting untrusted public web content that can change subsequent tool use and edits.