theme-update

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public GitHub content (Phase 1's curl to https://api.github.com/repos/Weaverse/pilot/releases and Phase 3's compare/.diff and tarball URLs from github.com) and then reads and acts on release notes/diffs to plan and apply code changes, so untrusted third‑party content can influence tooling and actions.