ce-dspy-ruby

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill documentation (SKILL.md and references/toolsets.md) defines tools that perform arbitrary HTTP requests — e.g., ApiToolset uses HTTP.persistent(base_url) and GitHubCLIToolset exposes github_api_request to call the GitHub API — and these tools are provided to ReAct agents, meaning untrusted public web/social content can be ingested at runtime and influence agent decisions.