rust-security

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly fetches and inspects advisories from the public RUSTSEC site (e.g., "curl https://rustsec.org/advisories/RUSTSEC-2023-0001.json | jq ." and "cargo audit --db ~/.cargo/advisory-db fetch"), indicating it ingests untrusted third‑party advisory content that the agent must read and which can materially influence security decisions.