flare

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and commands (e.g., flare list-error-occurrences, get-error-occurrence in SKILL.md and references/workflows.md) explicitly fetch occurrence data and "solutions" from the Flare service (flareapp.io) — including user-generated attributes, code snippets, and provider-supplied fix instructions — and the agent is instructed to read and act on those items, which could contain untrusted, action-influencing content.