effect-ts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and examples (e.g., "Platform: HTTP Client" in SKILL.md, the ICanHazDadJoke tool handler in references/ai.md that calls https://icanhazdadjoke.com, and multiple snippets using fetch()/HttpClient.get to arbitrary URLs like https://api.example.com/data and dummyjson.com) clearly show the agent fetching and ingesting public third-party (including user-generated) content and using that content (and headers like retryAfter) to drive tool behavior and retry/scheduling decisions, which could enable indirect prompt injection.