github-ai-trends

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts/fetch_trends.py explicitly queries the public GitHub Search API (https://api.github.com/search/repositories) and ingests user-generated repository metadata (names, descriptions, topics, URLs) which are then formatted and emitted verbatim for chat output, so untrusted third-party content could carry instructions that influence subsequent agent behavior.