elmahio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to fetch and read user-generated log/error data and arbitrary API responses from the Elmah.io service (see "List Messages" and "Proxy requests" sections), which are third-party/untrusted content the agent will interpret as part of its workflow and could influence subsequent actions.