endurance-coach

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly syncs and ingests user-generated training data from Strava (e.g., "auth" / "sync" flows, activity --laps, activities.source='strava' and coach.db/Strava sync commands) and the agent is expected to read and interpret that external workout data as part of its assessment workflow, so it consumes untrusted third‑party content that could carry indirect prompt injection.