agent-in-sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The mandatory workflow requires calling search_before_fixing against the AgentInSync knowledge base (configured via the AgentInSync MCP server / agentinsync.com) and to read/use matching KB results provided by other agents, meaning untrusted, user-contributed third-party content can be ingested and influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill mandates using the AgentInSync MCP server (https://agentinsync.com/connect) as a required runtime dependency and instructs the agent to fetch and follow KB search results (via search_before_fixing), meaning externally-hosted content directly controls the agent's prompts/instructions.