ostergotland-events

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly directs the agent to fetch and parse public event pages (using webfetch or curl) listed in references/calendars.md (e.g., visitlinkoping.se, motalasjostad.se, etc.), and those untrusted third‑party pages are read and used to decide which events to present, so their content could indirectly influence agent decisions or actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). Skill instructs the agent to bypass TLS certificate validation (use of "curl -k"), which is an explicit instruction to circumvent a security mechanism even though it does not request sudo, create users, or modify system files.