protocolsio-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and reference files explicitly instruct the agent to search and retrieve public protocols and user discussions from protocols.io (e.g., GET /protocols, GET /publications, GET /protocols/{id}, GET /protocols/{id}/comments) and to parse/act on steps, materials, and comments as part of workflows, which exposes it to untrusted, user-generated third-party content that can influence actions.