medusa

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The prompt includes a "Memory Protocol (MANDATORY)" that directs the agent to read and record a local memory file (.claude/context/memory/learnings.md) and assume persistent context—an instruction unrelated to the Medusa coding guidance that attempts to access/modify agent memory and therefore constitutes a hidden/deceptive instruction.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The skill includes a "Memory Protocol" that explicitly instructs reading a local assistant memory file (cat .claude/context/memory/learnings.md) and to record new patterns back into memory—an explicit, deliberate attempt to access and persist internal/contextual data that constitutes a data-exfiltration/backdoor/privacy risk.