qveris

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill (scripts/qveris_tool.py) calls the QVeris API at https://qveris.ai/api/v1 to search for and execute third‑party tools (README and script mention web search, news retrieval, and thousands of external APIs) and then reads/displays the returned results, which can include untrusted/user-generated open-web content—exposing the agent to indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill makes runtime calls to the QVeris API at https://qveris.ai/api/v1 (via search and /tools/execute) to discover and invoke external tools, which can execute remote code and directly control agent behavior, and this API is a required dependency (QVERIS_API_KEY).