grc-block-query

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's query script (scripts/query_grc_blocks.py) explicitly fetches and parses content from public third-party sites (GitHub API for gnuradio, https://wiki.gnuradio.org/, and https://www.ettus.com/) as part of its required lookup workflow (see SKILL.md and the script's search_* functions) and uses that parsed content to produce field values and update the local DB, so untrusted web content can materially influence agent behavior.