sca-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to download and use public vulnerability and package registry data (see "Vulnerability Database Sources" listing nvd.nist.gov, github.com/advisories, osv.dev, npmjs.com, pypi.org and commands like "trivy image --download-db-only", "grype db update", and osv-scanner auto-updates), so it clearly ingests untrusted third‑party content that the agent must read and that can materially influence scanning results and remediation actions.