local-server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly directs running a Cloudflare tunnel for external webhook access to the local FastAPI endpoints (e.g., /directive, /general-agent), which means the agent will ingest and act on arbitrary external webhook payloads from untrusted third-party sources that can drive directives or follow-up actions.