generators

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly documents fetching and applying application templates from arbitrary URLs (see references/templates.md: "rails new myapp -m https://example.com/template.rb" and "bin/rails app:template LOCATION=https://example.com/template.rb"), which pulls and executes untrusted third‑party template code that can run generators and commands and therefore can inject instructions that alter tool behavior.