ai-security-tooling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Data Source" section explicitly instructs the agent to fetch the complete list from the public raw GitHub URL (https://raw.githubusercontent.com/gmh5225/awesome-ai-security/refs/heads/main/README.md), which is untrusted, user-maintained third-party content that the agent is expected to read and use to update tool lists and decisions.