kweaver-core

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-provided marketplace skill content (e.g., "kweaver skill market", "kweaver skill content --raw", "kweaver skill read-file", "kweaver skill download/install") as shown in references/skill.md and the main SKILL.md, meaning the agent will read and act on untrusted SKILL.md/ZIP content from a public skill market that could carry indirect prompt-injection instructions.