skill-create

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to clone and operate on a public GitHub repository (git clone git@github.com:sourman/skills.git /tmp/skills) and to verify via the GitHub URL (https://github.com/sourman/skills/tree/main/), which exposes it to untrusted, user-contributed SKILL.md files that the agent would read/interpret as part of its workflow.