open-alva

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests open third‑party content (SKILL.md's SDKHub "feed_widgets" lists news, Twitter/X, YouTube, Reddit and SKILL.md also says you can fetch external HTTP APIs from the JS runtime), and the adk.agent examples + feed/Altra workflows show agents and trading strategies reading those feeds/fetch results and using them to make decisions, so untrusted user-generated content can directly influence tool calls and actions.