worker-image-investigation

Warn

Audited by Snyk on Feb 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's scripts and docs clearly fetch and parse data from public Taskcluster and Treeherder APIs and follow SBOM URLs (see scripts/investigate.py get_worker_sbom and the SKILL.md curl examples), which are untrusted third-party sources whose contents are read and used to determine imageVersion and drive investigation decisions.
Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: Feb 26, 2026, 10:05 PM