secure-ai

Warn

Audited by Snyk on Feb 24, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's workflow and reference docs explicitly describe fetching and ingesting untrusted external content — for example, references/prompt-injection-defense.md includes a fetchWithSandbox(url) that fetches URLs, references/output-validation.md describes sanitizing RAG retrieved documents, and SKILL.md's "Assess supply chain risks" delegation instructs inventorying third-party models/datasets — so the agent is expected to read untrusted third-party content that could influence tool use.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 08:37 PM