continuous-learning-v2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's import command (scripts/instinct-cli.py cmd_import) explicitly fetches arbitrary HTTP/HTTPS URLs via urllib.request.urlopen and then parses and imports those remote instincts into the agent's inherited instincts (and SKILL.md documents the /instinct-import flow), so untrusted third-party content from the open web can be read and used to influence agent behavior.