architect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly instructs the agent to fetch and read content from public package registries and code hosting (e.g., crates.io, npmjs.com, pypi.org, and GitHub) and to "fetch source code" and "read documentation," which are open, third‑party/user‑generated sources the agent would parse as part of its workflow.