ai-content-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflows explicitly instruct the agent to fetch and inspect arbitrary website resources (e.g., curl commands to check https://example.com/robots.txt, /sitemap.xml, /llms.txt and page HTML/headers) and then base configuration and remediation actions on those responses, meaning the agent will consume untrusted public web content that could carry adversarial instructions.