artist-workspace

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's SKILL.md explicitly instructs the agent to fetch and ingest public third‑party data—e.g., "Step 5: Pull Spotify catalog" via GET /api/spotify/artist/albums and "Step 6: Web search for additional socials (instagram / tiktok / twitter / youtube)"—and to read/interpret that data to populate RECOUP.md and drive follow-up API calls, so untrusted external content can materially influence tool use and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly directs the agent to "Fetch it once at scaffold time and follow it in order" from https://developers.recoupable.com/workflows/create-artist, meaning remote content at that URL is fetched at runtime and used as the authoritative curl-by-curl playbook that directly controls the agent's subsequent instructions and workflow steps.