agent-mesh-a2a

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to query and call arbitrary published agents on the open agents.hot network (see "Step 1 — Discover Available Agents" and the A2A pipeline in SKILL.md), ingesting their JSON/text outputs (e.g., saved /tmp/*.txt or streamed JSONL) from untrusted third-party agents and using those results to drive subsequent calls and decisions, which allows indirect instruction injection.