sosumi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch external Swift-DocC pages using sosumi.ai/external/{full-https-url} and exposes an MCP tool fetchExternalDocumentation to retrieve arbitrary HTTPS pages (e.g., GitHub Pages, Swift Package Index), meaning the agent will ingest public, potentially untrusted third‑party content that can influence its decisions.