yao-tutorial-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and research guides (SKILL.md steps 2–3, references/input-adaptation.md and references/research-sourcing.md, plus the README) explicitly instruct fetching and ingesting public third‑party sources (e.g., X.com posts, papers, GitHub repos and public websites) and then using that material to build the tutorial, source-register, and evidence-map—i.e., the agent reads untrusted web/user-generated content and that content is used to drive decisions and outputs.