ralph

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Advanced Background Execution Rules explicitly direct the agent to run package installation commands (npm install, pip install, cargo build) and to run builds/tests and read their outputs, which entails fetching and executing code from public package registries (untrusted, user-published third-party sources) that can influence verification results and subsequent actions.