solidity-security-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires the agent to read external, user-provided repo artifacts (e.g., "Read the contest README, scope.txt, and known issues list in the contest repo" in Contest Mode and it accepts repo links/code pastes), which are untrusted public/user-generated sources and are used to determine scope and audit actions—allowing those third-party documents to materially change the agent's decisions and workflow.