ostergotland-events

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md's workflow (step 3) explicitly instructs the agent to fetch and parse public event pages listed in references/calendars.md (e.g., visitlinkoping.se, municipal and venue event URLs) using webfetch/curl/lynx and step 4 requires interpreting and summarizing that third-party content, so untrusted public webpages are ingested and can materially influence the agent's actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). Skill instructs the agent to bypass TLS certificate validation (use of "curl -k"), which is an explicit instruction to circumvent a security mechanism even though it does not request sudo, create users, or modify system files.