using-git-worktrees
Warn
Audited by Snyk on Feb 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's required "Run project setup" steps (Creation Steps → Run Project Setup) explicitly run package manager commands such as npm install, cargo build, pip install/poetry install, and go mod download, which will fetch and execute code from public package registries (third-party, user-published sources). The outputs of that code can affect tests and results, and thus the agent's subsequent actions.
Audit Metadata