git-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly runs git operations that contact arbitrary remotes (e.g., "git clone ", "git fetch upstream", "git remote add upstream " and related fetch/pull commands) so it ingests untrusted, user-provided repository content which can materially influence merges, rebases, and subsequent agent actions.