mastra

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's workflow explicitly instructs the agent to fetch and consume external documentation from public URLs (e.g., https://mastra.ai/llms.txt and other https://mastra.ai/*.md pages as described in SKILL.md and references/remote-docs.md, including a WebFetch example), so untrusted third‑party content can directly influence its decisions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs runtime fetching of remote documentation (e.g., https://mastra.ai/llms.txt and agent-friendly .md pages like https://mastra.ai/reference/workflows/workflow-methods/then.md) via WebFetch to load markdown optimized for LLM consumption that would be injected into the agent context to control prompts/instructions and is relied on as the required fallback when local packages are absent.