app-observability
Warn
Audited by Snyk on Apr 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs ingesting and reviewing user-generated frontend data (e.g., Faro session replay, captured console/errors and session logs via the Faro collector URL and "View session replay" in Frontend Observability), meaning the agent will read and act on untrusted third-party content captured from end users.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill includes runtime-executed external dependencies—notably the CDN script loaded at runtime (https://unpkg.com/@grafana/faro-web-sdk@latest/dist/library/faro-web-sdk.iife.js) and the Java agent download executed at startup (https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/latest/download/opentelemetry-javaagent.jar)—which are fetched and executed during runtime and are presented as required options for frontend/Java instrumentation.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata