sabnzbd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts and forwards arbitrary public NZB/indexer URLs (see SKILL.md "Add NZB" and workflows and references/quick-reference.md examples) and the CLI script cmd_add in scripts/sab-api.sh encodes and sends those external URLs to SABnzbd and then reads queue/history JSON (which can include attacker-controlled filenames/metadata), so it clearly ingests untrusted third-party content that can influence agent-visible state and actions.