twelve-factor-app-modernization

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Step 1: Clone and Inventory" workflow explicitly requires git clone and instructs the agent to inspect repository files (code, Dockerfiles, manifests), meaning it fetches and ingests arbitrary public/untrusted third‑party repositories whose contents could influence analysis and subsequent actions.