cve-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly queries and ingests public third-party sources — NVD (services.nvd.nist.gov), OSV.dev (api.osv.dev), GitHub Advisory (github.com/advisories), and open-web search via Exa (MCP web_search_exa) — and uses those results to drive cross-referencing, prioritization, and remediation decisions, so untrusted user-generated or public web content can materially influence agent actions.