sync-repos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly reads and scans files from a user-supplied "public" repository (see "Scan the public repo diff for PII and secrets" in SKILL.md and the PII Scan Patterns in REFERENCE.md) and uses those file contents to decide whether to abort or proceed with sync actions, so untrusted, user-generated repo content can materially influence behavior.