applesauce-core

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill ingests public, user-generated Nostr content from arbitrary relays (e.g., pool.subscribeMany(relays, ...) adding events to eventStore, profileStore.requestProfile(pubkey), and verifyNip05 calls), so the agent will read and interpret untrusted third‑party data from the open web.