Prompting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly documents fetching external Fabric patterns and public content (e.g., running ~/.opencode/.../update-patterns.sh which uses fabric -U to pull upstream patterns, and fabric -y "https://youtube.com/..." to extract YouTube transcripts), and those externally-downloaded pattern files/transcripts are then read and applied as prompt instructions, so untrusted public/user-generated content can directly influence agent prompts and actions.