keripy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly includes runtime HTTP fetching and resolution of external OOBI/URLs—e.g., Clienter.request(method, url), Hab.fetchUrl()/fetchUrls(), messengerFrom(hab, pre, urls), and Oobiery.processOobis() in references/app-services.md—which causes the agent to ingest and act on untrusted third-party URL content (used by Kevery/Exchanger flows), so external content could materially influence tool actions.