customize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflows and src/index.ts explicitly add integrations for external channels (Telegram/Slack/Discord/email) and instruct storing and routing incoming messages from those external, user-generated sources, so the agent will ingest untrusted third-party content that could carry indirect prompt injections.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). This skill explicitly instructs modifying deployment/service configuration (creating service files, updating paths, and restarting agents with system service commands) and to make code/system changes directly, which can alter the machine's state and potentially require privileged operations.