evolving-ai-agents
Warn
Audited by Snyk on Apr 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's Evolution Loop and Built-in Benchmarks explicitly ingest public, user-generated tasks (e.g., "SWE-bench Verified" uses "Real GitHub issues" per the Built-in Benchmarks), and those task inputs/observations are fed to the LLM-driven AEvolveEngine which mutates workspace files—so untrusted third-party content can directly influence tool actions and subsequent agent behavior.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).