llm-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes code and threat-model examples that fetch and summarize arbitrary external webpages (e.g., references/security-examples.md's summarize_url/fetch_url example and threat-model "User asks JARVIS to summarize a webpage") and also discusses loading models from public hubs (e.g., HuggingFace), meaning the agent is expected to ingest untrusted third-party content that could carry indirect prompt injections.