find-skills-plus

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and extracts descriptions from public skills.sh pages (user-contributed, third-party content) and uses those extracted paragraphs as part of its output, meaning the agent ingests and interprets untrusted web content that could contain injected instructions.