continuous-learning-v2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's import command and CLI explicitly fetch and parse instincts from arbitrary HTTP/HTTPS URLs (see commands/instinct-import.md and scripts/instinct-cli.py cmd_import which uses urllib.request to load URLs like https://github.com/... or other community collections), and those imported, untrusted instincts are merged and can change agent behavior (saved into inherited instincts and used by evolve/status), enabling indirect prompt-injection via third-party content.