frouter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). frouter actively pings and ingests metadata from public third‑party providers (NVIDIA NIM and OpenRouter APIs and the GitHub-synced model-rankings.json) as part of its required TUI workflow and uses those live results to select and write a model ID into OpenCode/OpenClaw configs, so untrusted provider/model content can materially influence which model/tool is used.