duende-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs scraping and ingesting Duende's public documentation from https://docs.duendesoftware.com/llms-full.txt (see "Scrape All Documentation" and the "Source" lines), so the agent fetches and reads third-party web content at runtime which can influence indexing, search results, and subsequent tool-driven actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime scraping workflow and scripts explicitly fetch and ingest https://docs.duendesoftware.com/llms-full.txt (used by scrape_docs.py) which is then injected into the local index/model context and therefore directly controls prompts/responses and is a required runtime dependency.