triton-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs fetching and using a public GitHub repository (TRITON_REPO, via update-triton.sh / bash update-repos.sh triton) and then tells the agent to read/search those tutorial and source files as part of its workflow, which exposes it to untrusted third-party content from the open web (github.com/triton-lang/triton).