Aphorisms

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The prompt mandates executing an external curl notification (and backgrounding it) before any action—a forced external side-effect not required by aphorism management and therefore an out-of-scope, potentially deceptive instruction.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests open web content (e.g., WebFetch(url) in Workflows/FindAphorism.md and WebSearch/WebFetch/Web research in Workflows/AddAphorism.md and Workflows/ResearchThinker.md, including arbitrary user-provided URLs and public sites like Goodreads/WikiQuote/YouTube), so it will read and interpret untrusted third‑party content as part of its workflow.