trace-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts "a path to a .ptrace file or a link to it" (Input) and its required Task Execution Steps and Appendix show running the trace_processor_api on that file, meaning the agent ingests and interprets arbitrary external .ptrace files (potentially from public/untrusted URLs) to drive SQL queries and generate analysis, so third-party content can influence its decisions and next actions.