agent-skills-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill provides scripts and templates (e.g., scripts/add_source_submodule.sh, scripts/configure_sparse_checkout.sh, create_skill.sh, and SOURCE_STRUCTURE.md) that explicitly add and pull arbitrary public git repositories (e.g., https://github.com/org/repo.git) into the skill's source/ directory for the agent to read, exposing it to untrusted, user-generated third-party content.