brains-trust

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches a live model list from the public site https://models.flared.au (see "Fetch current models — WebFetch https://models.flared.au/llms.txt" in SKILL.md and get_current_models() in references/provider-api-patterns.md) and uses that untrusted remote content to choose which external models/APIs to call, allowing third-party data to directly influence tool selection and subsequent actions.