hyperstack

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly requires running the external CLI "hs explore --json" to fetch machine-readable entity and view definitions from public Hyperstack stacks (e.g., "ore"), meaning the agent will ingest and act on untrusted, third-party runtime data that can change subsequent code-generation and behavior.