get-weather-forecast

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly fetches and parses live content from the public wttr.in site (see SKILL.md Procedure step 2 "curl wttr.in/{{LOCATION}}" and scripts/run.sh calling curl wttr.in/Sydney), so untrusted third-party responses are ingested and used to drive the agent's output/decisions, creating a risk of indirect prompt injection.