contribute-turbo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Source mode explicitly runs git pull --rebase origin main and then may run /update-turbo to apply any pulled upstream commits from the public GitHub repo (tobihagemann/turbo), meaning it fetches and ingests untrusted third-party repository content that can change runtime behavior.