CVE

Warn

Audited by Snyk on Mar 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The IdentifyCVE and ResolveCVE workflows explicitly instruct the agent to fetch and read third‑party CVE pages and patches (e.g., "WebFetch https://nvd.nist.gov/vuln/detail/...", WebFetch to raw.githubusercontent.com, mcp__exa__web_search_exa searches, and curl to GitHub commits) and to base triage/patch/whitelist decisions on that content, exposing the agent to untrusted user-generated web content that can materially affect actions.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 11:33 AM