evenium-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs the agent to call RUBE_SEARCH_TOOLS against the Rube MCP endpoint (e.g., https://rube.app/mcp / composio.dev toolkits) to fetch tool schemas and "recommended execution plans" and then to read/interpret those results at runtime, which exposes it to untrusted third‑party content from a public API that could carry indirect prompt injection.