lazycat-lpk-builder

Warn

Audited by Snyk on Apr 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's required manifest spec (references/manifest-spec.md) explicitly allows inject scripts with http(s) URLs (and upstream/backends can be arbitrary http/https URLs), and the store-publish flow (references/store-publish.md) requires pulling public Docker images—so the skill's mandatory workflow accepts and causes fetching of untrusted third‑party web content and registry artifacts that can execute or change runtime behavior.

Issues (1)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 3, 2026, 10:41 AM
Issues: 1