rust-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's fetch_all function (async fn fetch_all(urls: Vec, ...)) uses reqwest::get(&url).await?.text().await to retrieve arbitrary URLs from the open web, so the agent would ingest untrusted public third-party content (user-provided/website responses) as part of its workflow, allowing indirect prompt injection.