learn-claude-code

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's setup and modules explicitly fetch and consume public third-party content—e.g., the setup step clones a public GitHub repo (git clone https://github.com/YazhuEth/cc-learn-playground) and Module 5/6 instructs using WebSearch, MCP servers, and installing skills (npx skills add), all of which cause the agent to read untrusted, user-sourced web content that can influence subsequent tool use and actions.