rma-assessment-assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow (see SKILL_EN.md Step 2 "Batch Information Collection" which accepts an "Architecture document path: (file path or URL, if available)" and Step 3 "Intelligent Auto-Analysis" that states "If the user provides architecture docs or IaC code, immediately perform auto-analysis") requires fetching and parsing user-provided documents/URLs and using their content to auto-answer questions and drive recommendations, which clearly exposes the agent to untrusted third-party content that can influence decisions.