curate-a-team-library

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly instructs the curator to "add" via "simple GitHub imports" and to "catalog" upstream entries and to "browse before curating" (SKILL.md), meaning it will fetch and inspect public GitHub repositories—untrusted, user-generated third‑party content—that the agent is expected to read and that can influence what skills/tools are added.