debug-fuzzer-failure

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses GitHub Actions logs from a public URL (e.g., https://github.com/.../actions/runs/...) and instructs extracting "Program:" and "Inputs:" sections—untrusted, user-generated third-party content the agent must read and interpret.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill instructs fetching and extracting a GitHub Actions job URL at runtime (e.g. https://github.com/noir-lang/noir/actions/runs/12345/job/67890) to obtain a reproduced Noir project whose code/inputs are then executed locally (nargo execute), so external content directly controls code that will be run.