render-deploy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required "Analyze Codebase" step and Git-backed flow (SKILL.md: "Analyze the codebase" / "The repo must be pushed to GitHub, GitLab, or Bitbucket" and steps that read repo files and generate render.yaml or call MCP with the repo URL) require the agent to fetch and interpret arbitrary user/public Git repository contents, which are untrusted user-generated content that can materially influence deployment decisions and tool actions.