seed-grpc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's required workflow explicitly instructs downloading media from public IPFS via the local HTTP gateway ("When a document references a media file... curl http://localhost:58001/ipfs/") and also retrieves and summarizes Seed documents returned over gRPC (rule: "Summarize large responses"), meaning it ingests untrusted, user-generated third‑party content from the public IPFS/web that the agent will read and use to form responses.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill includes an explicit runtime installation instruction to download the grpcurl binary from https://github.com/fullstorydev/grpcurl/releases, which is a required dependency that would fetch and run remote code if installed during skill execution.