multi-ai-debugging

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly uses web research via the Gemini CLI to "Search for solutions" (Operation 1) and to fetch Stack Overflow/GitHub issues and other web content (Multi-AI Coordination / "Verify with Gemini" snippets), meaning the agent fetches and interprets untrusted, user-generated public web content as part of its workflow.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill explicitly enables automated self‑healing and remediation actions (e.g., clear_temp_files, compress_old_logs, graceful_restart, consider_rollback) and runs CLI/system investigation commands, which direct an agent to modify system state and potentially perform privileged operations even though it doesn't explicitly ask for sudo or user creation.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 12:54 AM