maven-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly downloads and parses artifacts and POM/metadata from the public Maven Central endpoints (https://repo1.maven.org/maven2/ and https://search.maven.org), which are open third‑party repositories containing user-supplied package metadata that the agent is expected to read—so untrusted content could inject instructions indirectly.