archive-searcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly directs integration with external search APIs ("GitHub API" and "Sourcegraph" under "Integrating with External Search APIs") and advises fetching context via a browser for Jira IDs, meaning the agent is expected to fetch and read untrusted, user-generated public repo/web content as part of its workflow, which could enable indirect prompt injection.