fallow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's config supports remote "extends" URLs (e.g., the "extends" field in the Configuration section shows "https://example.com/shared-config.json" and there's a FALLOW_EXTENDS_TIMEOUT_SECS controlling fetching), so running the tool can fetch and merge arbitrary remote config from public URLs which the agent will read and that can materially change analysis behavior and subsequent fix/action recommendations.