graphite-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly delegates to Graphite CLI and git commands (e.g., gt stack, gt pr list, gt pr info, git log, git diff) and parses their output (including remote PR data and commit messages), which can ingest untrusted, user-generated content from third-party hosts (e.g., Graphite/GitHub), exposing the agent to indirect prompt injection.