nitro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly says to fall back to the public URL https://nitro.build/llms.txt when local docs are unavailable, meaning the agent would fetch and read content from an external public website as part of its workflow, which could supply untrusted instructions.