using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly auto-runs dependency installs and builds (npm install, pip install -r requirements.txt, cargo build, go mod download) which fetch code from public package registries (npm/PyPI/crates.io/go modules) and then runs tests and reports their output, so the agent ingests and interprets untrusted third‑party content.