osmedeus-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly documents runtime features that fetch and ingest arbitrary web content—e.g., the "http" step type and agent preset tools "http_get"/"http_request", plus the CLI "--module-url" flag to fetch module YAML—and the examples (Example 5 Agent-Powered Security Analysis and references/step-types.md) show the agent reading those untrusted third-party responses and using them to drive analysis and actions.