LLM Council

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly ingests and displays external model outputs from the Fireworks AI inference API (e.g., calls to https://api.fireworks.ai/inference/v1/chat/completions in Phase 1/2/3), uses those untrusted third-party responses and cross-model rankings as inputs to the Chairman synthesis, and thus allows external model-generated content to materially influence decisions and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill makes runtime calls to the Fireworks inference API (https://api.fireworks.ai/inference/v1/chat/completions), and it directly injects the returned model outputs into Phase 2 rankings and the Phase 3 synthesis prompts, so remote content from that URL controls agent behavior and is a required dependency.