cs-networks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to perform HTTP requests and socket connections to external hosts (e.g., requests.get('https://api.example.com/data'), socket.connect(('example.com', 80')), DNS lookups, and to parse/act on responses (response.json(), status-code handling), which clearly ingests untrusted public third‑party content as part of the workflow.