llm-infrastructure

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to perform web searches ("Do a web search RIGHT NOW") and includes a script that fetches models from the public OpenRouter API (scripts/fetch-openrouter-models.py calling https://openrouter.ai/api/v1/models), so it ingests open/public third‑party content that could carry untrusted or user-generated data the agent must read and interpret.