mev-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Data Source explicitly directs the agent to fetch and ingest a public GitHub raw file (https://raw.githubusercontent.com/gmh5225/awesome-web3-security/refs/heads/main/README.md), which is user-generated, untrusted third-party content the agent is expected to read and use to decide what resources/links to include, so it could inject instructions that affect behavior.