114-java-maven-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to fetch and parse public Maven Central content (Search API at https://search.maven.org/solrsearch/select and repository files from https://repo1.maven.org/maven2/, including maven-metadata.xml and POMs), which are untrusted, user-contributed third-party sources whose contents the agent must read and act on to verify coordinates and drive decisions.