cup-cig

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and parse public third‑party sources (e.g., the OpenCUP project page at https://opencup.gov.it/portale/progetto/-/cup/{CUP}, the OpenBDAP OData endpoint, the SCP‑MIT REST endpoints, and ANAC BDNCP bulk CSVs) and to interpret those results as part of its workflow, so untrusted external content can influence subsequent tool calls and decisions.