scanning-kubernetes-manifests-with-kubesec

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly sends manifests to and ingests JSON responses from the public Kubesec HTTP API (e.g., SKILL.md "https://v2.kubesec.io/scan" and scripts/agent.py::_scan_via_api and scripts/process.py which curl/post to a kubesec URL), and those third‑party JSON fields (advise/critical/score) are parsed and directly drive gating, remediation output, and exit behavior—meaning untrusted external content can materially influence agent decisions.