iroh-p2p

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md includes runtime examples where the node subscribes to gossip (node.gossip.subscribe), fetches blobs/docs from other peers (node.blobs.get_bytes, node.docs sync) and uses DHT/ public relays to discover peers — i.e., it ingests untrusted, user-generated content from arbitrary peers/relays and then acts on it (fetch/write files, trigger syncs), which could enable indirect prompt-injection-style influence.