go-runtime-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to check the public website pkg.go.dev/std and read the "Version: goX.Y.Z" line, so the agent must fetch and interpret untrusted third-party web content which will directly determine version-update actions.