python

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly shows using pip to "Install Packages" (e.g., x python pip install requests), which fetches and installs code from public package repositories (PyPI) — untrusted, user-generated third-party content that the agent may download and execute, allowing indirect injection of behavior.